CVE-2014-1511

CVE Database · CVE-2014-1511

CVE-2014-1511

· CRITICALModified

CVSS v3.1

9.8

EPSS

83.63%

Published

Mar 19, 2014

Modified

May 6, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMozilla Firefox - WebIDL Privileged JavaScript Injection (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-269

Affected Products (26)

mozilla · firefox (up to 28.0)vulnerable

mozilla · firefox (up to 24.4)vulnerable

mozilla · seamonkey (up to 2.25)vulnerable

mozilla · thunderbird (up to 24.4)vulnerable

canonical · ubuntu_linuxvulnerable

debian · debian_linuxvulnerable

References (20)

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html

Mailing ListThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2014-0310.html

Third Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs