Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allow remote malicious users to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle solaris 11.3 |
||
canonical ubuntu linux 13.10 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 12.04 |
||
mozilla seamonkey |
||
mozilla firefox |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
opensuse opensuse 12.3 |
||
suse suse linux enterprise software development kit 11.0 |
||
opensuse opensuse 11.4 |
||
opensuse opensuse 13.1 |