Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2024-08-06T09:42:35.635Z
Reserved: 2014-01-16T00:00:00
Link: CVE-2014-1483

No data.

Status : Deferred
Published: 2014-02-06T05:44:24.910
Modified: 2025-04-11T00:51:21.963
Link: CVE-2014-1483


No data.