CVE-2014-8636
CVSS v2.0
7.5 (High)
EPSS
93.72 % (99th)
Affected Products
2
Advisories
3
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
Weaknesses
- CWE-94
- Improper Control of Generation of Code ('Code Injection')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2015-01-14 11:59:05
(9 years ago) - Updated Date
-
2017-09-08 01:29:25
(7 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...