Lucene search
HistoryDec 11, 2014 - 11:59 a.m.
CVE-2014-8631
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.002
Percentile
64.9%
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.
Affected configurations
Node
mozillafirefoxRange≤33.0
ORmozillaseamonkeyRange≤2.30
Related
ubuntucve
ubuntucve
CVE-2014-8631
2014-12-11 00:00:00
cvelist
cvelist
CVE-2014-8631
2014-12-11 11:00:00
cve
cve
CVE-2014-8631
2014-12-11 11:59:12
prion
prion
Design/Logic Flaw
2014-12-11 11:59:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-91) - Linux
2021-11-11 00:00:00
Mozilla Firefox Multiple Vulnerabilities-01 (Dec 2014) - Windows
2014-12-16 00:00:00
Mageia: Security Advisory (MGASA-2014-0518)
2022-01-28 00:00:00
mozilla
mozilla
Privileged access to security wrapped protected objects — Mozilla
2014-12-02 00:00:00
mageia
mageia
Updated iceape package fixes security vulnerabilities
2014-12-09 23:12:41
archlinux
archlinux
firefox: multiple issues
2014-12-03 00:00:00
nessus
nessus
Firefox < 34.0 Multiple Vulnerabilities
2014-12-02 00:00:00
Firefox < 34.0 Multiple Vulnerabilities (Mac OS X)
2014-12-02 00:00:00
GLSA-201504-01 : Mozilla Products: Multiple vulnerabilities
2015-04-08 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-12-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.002
Percentile
64.9%
Related for NVD:CVE-2014-8631