CVE-2013-5614

CVE Database · CVE-2013-5614

CVE-2013-5614

· N/AModified

CVSS v3.1

N/A

EPSS

2.35%

Published

Dec 11, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

Weaknesses (CWE)

CWE-1021

Affected Products (26)

mozilla · firefox (up to 26.0)vulnerable

mozilla · seamonkey (up to 2.23)vulnerable

fedoraproject · fedoravulnerable

oracle · solarisvulnerable

canonical · ubuntu_linuxvulnerable