ByteOS Network

NVD Vulnerability Details :

CVE-2014-1502

Modified

Source-security@mozilla.org

Published At-19 Mar, 2014 | 10:55

Updated At-06 May, 2026 | 22:30

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 6.8

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

openSUSE

>>opensuse>>13.1

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

openSUSE

>>opensuse>>11.4

cpe:2.3:o:opensuse_project:opensuse:11.4:*:*:*:*:*:*:*

openSUSE

>>opensuse>>12.3

cpe:2.3:o:opensuse_project:opensuse:12.3:*:*:*:*:*:*:*

SUSE

>>linux_enterprise_desktop>>11

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*

SUSE

>>linux_enterprise_server>>11

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*

SUSE

>>linux_enterprise_server>>11

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*

SUSE

>>linux_enterprise_software_development_kit>>11

cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*

Oracle Corporation

>>solaris>>11.3

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Mozilla Corporation

>>firefox>>Versions before 28.0(exclusive)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Mozilla Corporation

>>seamonkey>>Versions before 2.25(exclusive)

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-346	Primary	nvd@nist.gov

CWE ID: CWE-346

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html	security@mozilla.org	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html	security@mozilla.org	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html	security@mozilla.org	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html	security@mozilla.org	Mailing List Third Party Advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-22.html	security@mozilla.org	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	security@mozilla.org	Mailing List Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=972622	security@mozilla.org	Issue Tracking Vendor Advisory
https://security.gentoo.org/glsa/201504-01	security@mozilla.org	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://www.mozilla.org/security/announce/2014/mfsa2014-22.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=972622	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Vendor Advisory
https://security.gentoo.org/glsa/201504-01	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory