CVE-2014-1589

CVE Database · CVE-2014-1589

CVE-2014-1589

· N/AModified

CVSS v3.1

N/A

EPSS

1.80%

Published

Dec 11, 2014

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.

Weaknesses (CWE)

CWE-284

Affected Products (2)

mozilla · firefoxvulnerable

mozilla · seamonkeyvulnerable

References (8)

http://www.mozilla.org/security/announce/2014/mfsa2014-84.html

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1043787

https://security.gentoo.org/glsa/201504-01

http://www.mozilla.org/security/announce/2014/mfsa2014-84.html

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1043787

https://security.gentoo.org/glsa/201504-01

KEV Catalog EPSS Scores Vendors All CVEs