Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cnvd-2015-00365
Vulnerability from cnvd
Title: Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon跨站请求伪造漏洞
Description:
Firefox/Thunderbird/SeaMonkey是Mozilla所发布的WEB浏览器和邮件/新闻组客户端。
Mozilla Firefox/Thunderbird/SeaMonkey存在跨站请求伪造漏洞,允许远程攻击者利用漏洞执行某些未经授权的操作,并获得对受影响的应用程序的访问。
Severity: 中
Patch Name: Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon跨站请求伪造漏洞的补丁
Patch Description:
Firefox/Thunderbird/SeaMonkey是Mozilla所发布的WEB浏览器和邮件/新闻组客户端。Mozilla Firefox/Thunderbird/SeaMonkey存在跨站请求伪造漏洞,允许远程攻击者利用漏洞执行某些未经授权的操作,并获得对受影响的应用程序的访问。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://www.mozilla.org/en-US/ https://www.mozilla.org/zh-CN/thunderbird/ http://www.seamonkey-project.org/
Reference: http://www.securityfocus.com/bid/72047 https://www.mozilla.org/zh-CN/security/advisories/mfsa2015-03/
Impacted products
| Name | ['Mozilla Firefox ESR 31.4', 'Mozilla Firefox 35', 'Mozilla SeaMonkey 2.32', 'Mozilla Thunderbird 31.4'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "72047"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2014-8638"
}
},
"description": "Firefox/Thunderbird/SeaMonkey\u662fMozilla\u6240\u53d1\u5e03\u7684WEB\u6d4f\u89c8\u5668\u548c\u90ae\u4ef6/\u65b0\u95fb\u7ec4\u5ba2\u6237\u7aef\u3002 \r\n\r\nMozilla Firefox/Thunderbird/SeaMonkey\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u6267\u884c\u67d0\u4e9b\u672a\u7ecf\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u5e76\u83b7\u5f97\u5bf9\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u8bbf\u95ee\u3002",
"discovererName": "Muneaki Nishimura",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://www.mozilla.org/en-US/\r\nhttps://www.mozilla.org/zh-CN/thunderbird/\r\nhttp://www.seamonkey-project.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-00365",
"openTime": "2015-01-16",
"patchDescription": "Firefox/Thunderbird/SeaMonkey\u662fMozilla\u6240\u53d1\u5e03\u7684WEB\u6d4f\u89c8\u5668\u548c\u90ae\u4ef6/\u65b0\u95fb\u7ec4\u5ba2\u6237\u7aef\u3002Mozilla Firefox/Thunderbird/SeaMonkey\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u6267\u884c\u67d0\u4e9b\u672a\u7ecf\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u5e76\u83b7\u5f97\u5bf9\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u8bbf\u95ee\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Mozilla Firefox ESR 31.4",
"Mozilla Firefox 35",
"Mozilla SeaMonkey 2.32",
"Mozilla Thunderbird 31.4"
]
},
"referenceLink": "http://www.securityfocus.com/bid/72047\r\nhttps://www.mozilla.org/zh-CN/security/advisories/mfsa2015-03/",
"serverity": "\u4e2d",
"submitTime": "2015-01-15",
"title": "Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}
CVE-2014-8638 (GCVE-0-2014-8638)
Vulnerability from cvelistv5
Published
2015-01-14 11:00
Modified
2024-08-06 13:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:0046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0046.html"
},
{
"name": "62242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62242"
},
{
"name": "1031533",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031533"
},
{
"name": "USN-2460-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2460-1"
},
{
"name": "72047",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72047"
},
{
"name": "openSUSE-SU-2015:0192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html"
},
{
"name": "62304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62304"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0047.html"
},
{
"name": "62259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62259"
},
{
"name": "62250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62250"
},
{
"name": "SUSE-SU-2015:0173",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html"
},
{
"name": "62237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62237"
},
{
"name": "openSUSE-SU-2015:0077",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html"
},
{
"name": "62418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62418"
},
{
"name": "SUSE-SU-2015:0171",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1080987"
},
{
"name": "62316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62316"
},
{
"name": "DSA-3132",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3132"
},
{
"name": "62274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62274"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "62313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62313"
},
{
"name": "RHSA-2015:0047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0047.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2015-03.html"
},
{
"name": "62790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62790"
},
{
"name": "62293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62293"
},
{
"name": "62283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62283"
},
{
"name": "firefox-cve20148638-csrf(99958)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99958"
},
{
"name": "62446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62446"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name": "62657",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62657"
},
{
"name": "62273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62273"
},
{
"name": "openSUSE-SU-2015:0133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00071.html"
},
{
"name": "openSUSE-SU-2015:1266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name": "DSA-3127",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3127"
},
{
"name": "SUSE-SU-2015:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html"
},
{
"name": "62315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62315"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0046.html"
},
{
"name": "62253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62253"
},
{
"name": "1031534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"name": "RHSA-2015:0046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0046.html"
},
{
"name": "62242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62242"
},
{
"name": "1031533",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031533"
},
{
"name": "USN-2460-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2460-1"
},
{
"name": "72047",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72047"
},
{
"name": "openSUSE-SU-2015:0192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html"
},
{
"name": "62304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62304"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0047.html"
},
{
"name": "62259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62259"
},
{
"name": "62250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62250"
},
{
"name": "SUSE-SU-2015:0173",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html"
},
{
"name": "62237",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62237"
},
{
"name": "openSUSE-SU-2015:0077",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html"
},
{
"name": "62418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62418"
},
{
"name": "SUSE-SU-2015:0171",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1080987"
},
{
"name": "62316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62316"
},
{
"name": "DSA-3132",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3132"
},
{
"name": "62274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62274"
},
{
"name": "GLSA-201504-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "62313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62313"
},
{
"name": "RHSA-2015:0047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0047.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2014/mfsa2015-03.html"
},
{
"name": "62790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62790"
},
{
"name": "62293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62293"
},
{
"name": "62283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62283"
},
{
"name": "firefox-cve20148638-csrf(99958)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99958"
},
{
"name": "62446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62446"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name": "62657",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62657"
},
{
"name": "62273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62273"
},
{
"name": "openSUSE-SU-2015:0133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00071.html"
},
{
"name": "openSUSE-SU-2015:1266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name": "DSA-3127",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3127"
},
{
"name": "SUSE-SU-2015:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html"
},
{
"name": "62315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62315"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0046.html"
},
{
"name": "62253",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62253"
},
{
"name": "1031534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-8638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:0046",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0046.html"
},
{
"name": "62242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62242"
},
{
"name": "1031533",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031533"
},
{
"name": "USN-2460-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2460-1"
},
{
"name": "72047",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72047"
},
{
"name": "openSUSE-SU-2015:0192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html"
},
{
"name": "62304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62304"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2015-0047.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2015-0047.html"
},
{
"name": "62259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62259"
},
{
"name": "62250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62250"
},
{
"name": "SUSE-SU-2015:0173",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html"
},
{
"name": "62237",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62237"
},
{
"name": "openSUSE-SU-2015:0077",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html"
},
{
"name": "62418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62418"
},
{
"name": "SUSE-SU-2015:0171",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1080987",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1080987"
},
{
"name": "62316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62316"
},
{
"name": "DSA-3132",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3132"
},
{
"name": "62274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62274"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "62313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62313"
},
{
"name": "RHSA-2015:0047",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0047.html"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2015-03.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2015-03.html"
},
{
"name": "62790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62790"
},
{
"name": "62293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62293"
},
{
"name": "62283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62283"
},
{
"name": "firefox-cve20148638-csrf(99958)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99958"
},
{
"name": "62446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62446"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name": "62657",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62657"
},
{
"name": "62273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62273"
},
{
"name": "openSUSE-SU-2015:0133",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00071.html"
},
{
"name": "openSUSE-SU-2015:1266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name": "DSA-3127",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3127"
},
{
"name": "SUSE-SU-2015:0180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html"
},
{
"name": "62315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62315"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2015-0046.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2015-0046.html"
},
{
"name": "62253",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62253"
},
{
"name": "1031534",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2014-8638",
"datePublished": "2015-01-14T11:00:00",
"dateReserved": "2014-11-06T00:00:00",
"dateUpdated": "2024-08-06T13:26:02.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…