CVE-2013-5614 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_server_tus, enterprise_linux_workstation, fedora, firefox, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, seamonkey, solaris, ubuntu_linux)

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

View Full Alert

Leave a Reply