CVE-2014-1585

CVSS v2.0 5 (Medium)

EPSS 0.46 % (76^th)

Affected Products 3

Advisories 6

The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2014-10-15 10:55:07
(10 years ago)
Updated Date: 2016-12-24 02:59:01
(7 years ago)

Affected Products

Mozilla

Configuration #1

		CPE23	From	Up To
	Mozilla Thunderbird 31.0	cpe:2.3:a:mozilla:thunderbird:31.0
	Mozilla Thunderbird 31.1.0	cpe:2.3:a:mozilla:thunderbird:31.1.0

Configuration #2

		CPE23	From	Up To
	Mozilla Firefox Esr 31.0	cpe:2.3:a:mozilla:firefox_esr:31.0
	Mozilla Firefox Esr 31.1.0	cpe:2.3:a:mozilla:firefox_esr:31.1.0

Configuration #3

	CPE23	Up To
Mozilla Firefox 32.0 and prior versions	cpe:2.3:a:mozilla:firefox	<= 32.0
Mozilla Firefox 30.0	cpe:2.3:a:mozilla:firefox:30.0
Mozilla Firefox 31.0	cpe:2.3:a:mozilla:firefox:31.0
Mozilla Firefox 31.1.0	cpe:2.3:a:mozilla:firefox:31.1.0