CVE-2014-1501 — Vulnetix

CVE-2014-1501 PUBLISHED CVSS 5.800000190734863 MEDIUM

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

EPSS 0.23% · 45.8th percentile

Risk Scores

CVSS 2.0

5.800000190734863

EPSS Score

0.23%

45.8th percentile

Affected Products

Vendor	Product	Versions
suse	linux_enterprise_server	11, 11
suse	linux_enterprise_desktop	11
n/a	n/a	*
suse	linux_enterprise_software_development_kit	11
mozilla	firefox	0.6, 0.6.1, 0.7.1
oracle	solaris	11.3

Exploit Intelligence

SUSE-SU-2014:0418 (circl)
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html (circl)
http://www.mozilla.org/security/announce/2014/mfsa2014-21.html (circl)
https://bugzilla.mozilla.org/show_bug.cgi?id=960135 (circl)

Timeline

Mar 19, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

http://www.mozilla.org/security/announce/2014/mfsa2014-21.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-23.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-20.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-26.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-29.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-24.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-32.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-17.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-30.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-31.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-28.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-16.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-15.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-22.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-25.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-18.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-27.html advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-19.html advisory
SUSE-SU-2014:0418 vendor-advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html url

…and 2 more

Open in Interactive Console →