{"api_version":"1","generated_at":"2026-05-13T11:00:51+00:00","cve":"CVE-2014-1483","urls":{"html":"https://cve.report/CVE-2014-1483","api":"https://cve.report/api/cve/CVE-2014-1483.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2014-1483","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2014-1483"},"summary":{"title":"CVE-2014-1483","description":"Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.","state":"PUBLISHED","assigner":"mozilla","published_at":"2014-02-06 05:44:24","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-1021","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html","name":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"[security-announce] SUSE-SU-2014:0248-1: important: Security update for","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/102869","name":"http://osvdb.org/102869","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://security.gentoo.org/glsa/201504-01","name":"https://security.gentoo.org/glsa/201504-01","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Gentoo Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/56706","name":"http://secunia.com/advisories/56706","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Security Advisory SA56706 - Cyberfox Multiple Vulnerabilities - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1029717","name":"http://www.securitytracker.com/id/1029717","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code and Obtain Potentially Sensitive Information - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/56888","name":"http://secunia.com/advisories/56888","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Security Advisory SA56888 - Ubuntu update for firefox - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1029720","name":"http://www.securitytracker.com/id/1029720","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Mozilla Seamonkey Multiple Bugs Let Remote Users Execute Arbitrary Code and Obtain Potentially Sensitive Information - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mozilla.org/security/announce/2014/mfsa2014-05.html","name":"http://www.mozilla.org/security/announce/2014/mfsa2014-05.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"MFSA 2014-05: Information disclosure with *FromPoint on iframes","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/65316","name":"http://www.securityfocus.com/bid/65316","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Mozilla Firefox/SeaMonkey CVE-2014-1483 Multiple Information Disclosure Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90893","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90893","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://8pecxstudios.com/?page_id=44080","name":"https://8pecxstudios.com/?page_id=44080","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","URL Repurposed"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://secunia.com/advisories/56767","name":"http://secunia.com/advisories/56767","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Security Advisory SA56767 - Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html","name":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"[security-announce] openSUSE-SU-2014:0212-1: important: Mozilla Firefox","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-2102-2","name":"http://www.ubuntu.com/usn/USN-2102-2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-2102-2: Firefox regression | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=950427","name":"https://bugzilla.mozilla.org/show_bug.cgi?id=950427","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"],"title":"950427 – (CVE-2014-1483) caretPositionFromPoint and elementFromPoint leak information about iframe contents via timing information","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html","name":"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"],"title":"[security-announce] openSUSE-SU-2014:0419-1: important: Mozilla updates","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/56787","name":"http://secunia.com/advisories/56787","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"Security Advisory SA56787 - Mozilla Firefox Multiple Vulnerabilities - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/USN-2102-1","name":"http://www.ubuntu.com/usn/USN-2102-1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"USN-2102-1: Firefox vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","name":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Oracle Solaris Bulletin - April 2016","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2014-1483","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-1483","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"13.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"firefox","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mozilla","cpe5":"seamonkey","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"11.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"12.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"opensuse","cpe6":"13.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"oracle","cpe5":"solaris","cpe6":"11.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_desktop","cpe6":"11","cpe7":"sp3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_server","cpe6":"11","cpe7":"sp3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"-","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_server","cpe6":"11","cpe7":"sp3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"1483","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"suse","cpe5":"suse_linux_enterprise_software_development_kit","cpe6":"11.0","cpe7":"sp3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2014","cve_id":"1483","cve":"CVE-2014-1483","epss":"0.002770000","percentile":"0.510320000","score_date":"2026-05-04","updated_at":"2026-05-05 00:07:32"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T09:42:35.635Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"openSUSE-SU-2014:0212","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"},{"name":"1029717","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1029717"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://8pecxstudios.com/?page_id=44080"},{"name":"56787","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/56787"},{"name":"1029720","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1029720"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=950427"},{"name":"65316","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/65316"},{"name":"USN-2102-2","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-2102-2"},{"name":"GLSA-201504-01","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"https://security.gentoo.org/glsa/201504-01"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"name":"firefox-cve20141483-info-disc(90893)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"},{"name":"56888","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/56888"},{"name":"openSUSE-SU-2014:0419","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"},{"name":"102869","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/102869"},{"name":"SUSE-SU-2014:0248","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"},{"name":"USN-2102-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-2102-1"},{"name":"56767","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/56767"},{"name":"56706","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/56706"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2014-02-04T00:00:00.000Z","descriptions":[{"lang":"en","value":"Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-01-02T19:57:01.000Z","orgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","shortName":"mozilla"},"references":[{"name":"openSUSE-SU-2014:0212","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"},{"name":"1029717","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1029717"},{"tags":["x_refsource_CONFIRM"],"url":"https://8pecxstudios.com/?page_id=44080"},{"name":"56787","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/56787"},{"name":"1029720","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1029720"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=950427"},{"name":"65316","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/65316"},{"name":"USN-2102-2","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-2102-2"},{"name":"GLSA-201504-01","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"https://security.gentoo.org/glsa/201504-01"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"name":"firefox-cve20141483-info-disc(90893)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"},{"name":"56888","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/56888"},{"name":"openSUSE-SU-2014:0419","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"},{"name":"102869","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/102869"},{"name":"SUSE-SU-2014:0248","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"},{"name":"USN-2102-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-2102-1"},{"name":"56767","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/56767"},{"name":"56706","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/56706"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@mozilla.org","ID":"CVE-2014-1483","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"openSUSE-SU-2014:0212","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"},{"name":"1029717","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1029717"},{"name":"https://8pecxstudios.com/?page_id=44080","refsource":"CONFIRM","url":"https://8pecxstudios.com/?page_id=44080"},{"name":"56787","refsource":"SECUNIA","url":"http://secunia.com/advisories/56787"},{"name":"1029720","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1029720"},{"name":"https://bugzilla.mozilla.org/show_bug.cgi?id=950427","refsource":"CONFIRM","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=950427"},{"name":"65316","refsource":"BID","url":"http://www.securityfocus.com/bid/65316"},{"name":"USN-2102-2","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/USN-2102-2"},{"name":"GLSA-201504-01","refsource":"GENTOO","url":"https://security.gentoo.org/glsa/201504-01"},{"name":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"name":"firefox-cve20141483-info-disc(90893)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/90893"},{"name":"56888","refsource":"SECUNIA","url":"http://secunia.com/advisories/56888"},{"name":"openSUSE-SU-2014:0419","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"},{"name":"http://www.mozilla.org/security/announce/2014/mfsa2014-05.html","refsource":"CONFIRM","url":"http://www.mozilla.org/security/announce/2014/mfsa2014-05.html"},{"name":"102869","refsource":"OSVDB","url":"http://osvdb.org/102869"},{"name":"SUSE-SU-2014:0248","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"},{"name":"USN-2102-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/USN-2102-1"},{"name":"56767","refsource":"SECUNIA","url":"http://secunia.com/advisories/56767"},{"name":"56706","refsource":"SECUNIA","url":"http://secunia.com/advisories/56706"}]}}}},"cveMetadata":{"assignerOrgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","assignerShortName":"mozilla","cveId":"CVE-2014-1483","datePublished":"2014-02-06T02:00:00.000Z","dateReserved":"2014-01-16T00:00:00.000Z","dateUpdated":"2024-08-06T09:42:35.635Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2014-02-06 05:44:24","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-1021","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","matchCriteriaId":"79A602C5-61FE-47BA-9786-F045B6C6DBA8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","matchCriteriaId":"8D305F7A-D159-4716-AB26-5E38BB5CD991"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","matchCriteriaId":"E2076871-2E80-4605-A470-A41C1A8EC7EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*","matchCriteriaId":"7F61F047-129C-41A6-8A27-FFCBB8563E91"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"27.0","matchCriteriaId":"86B3B84A-9D1F-4863-987C-5C958B05C523"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*","versionEndExcluding":"2.24","matchCriteriaId":"328319A6-42EE-408E-91A8-87156C17AE46"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*","matchCriteriaId":"C3407560-6D54-4B1B-9977-AD4F6EB5D6BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","matchCriteriaId":"DE554781-1EB9-446E-911F-6C11970C47F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","matchCriteriaId":"DFBF430B-0832-44B0-AA0E-BA9E467F7668"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","matchCriteriaId":"A10BC294-9196-425F-9FB0-B1625465B47F"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*","matchCriteriaId":"3ED68ADD-BBDA-4485-BC76-58F011D72311"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*","matchCriteriaId":"E534C201-BCC5-473C-AAA7-AAB97CEB5437"},{"vulnerable":true,"criteria":"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*","matchCriteriaId":"2470C6E8-2024-4CF5-9982-CFF50E88EAE9"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2014","CveId":"1483","Ordinal":"1","Title":"CVE-2014-1483","CVE":"CVE-2014-1483","Year":"2014"},"notes":[{"CveYear":"2014","CveId":"1483","Ordinal":"1","NoteData":"Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.","Type":"Description","Title":"CVE-2014-1483"},{"CveYear":"2014","CveId":"1483","Ordinal":"2","NoteData":"2014-02-05","Type":"Other","Title":"Published"},{"CveYear":"2014","CveId":"1483","Ordinal":"3","NoteData":"2018-01-02","Type":"Other","Title":"Modified"}]}}}