1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1510 2

Web Attack: Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1510 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts of leveraging a privilege-escalation vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird which could result in gaining elevated privileges and perform unauthorized actions.

Additional Information

Firefox is a browser. SeaMonkey is a suite of applications that includes a browser and an email client. Thunderbird is an email client. All three applications are available for multiple platforms.

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to privilege-escalation vulnerability. This issue occurs when loading an untrusted content from chrome privileged page by getting JavaScript implemented WebIDL and calls functions related to browsers.

Remote attackers can exploit this issue to gain elevated privileges and perform unauthorized actions.

Affected

  • These issues are fixed in:
  • Firefox 28
  • Firefox ESR 24.4
  • Thunderbird 24.4
  • Seamonkey 2.25
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube