CVE-2014-1500

CVE Database · CVE-2014-1500

CVE-2014-1500

· N/AModified

CVSS v3.1

N/A

EPSS

3.54%

Published

Mar 19, 2014

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

Weaknesses (CWE)

CWE-400

Affected Products (10)

opensuse · opensusevulnerable

opensuse_project · opensusevulnerable

oracle · solarisvulnerable

mozilla · firefox (up to 28.0)vulnerable

mozilla · seamonkey (up to 2.25)vulnerable

suse · linux_enterprise_desktopvulnerable

suse · linux_enterprise_servervulnerable

suse · linux_enterprise_software_development_kit

References (16)

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html

Mailing ListThird Party Advisory

http://www.mozilla.org/security/announce/2014/mfsa2014-20.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs