Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2014-12-11T11:00:00

Updated: 2024-08-06T09:42:36.632Z

Reserved: 2014-01-16T00:00:00

Link: CVE-2014-1589

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-12-11T11:59:02.993

Modified: 2024-11-21T02:04:40.420

Link: CVE-2014-1589

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-12-02T00:00:00Z

Links: CVE-2014-1589 - Bugzilla