Security Advisory

CVE-2013-5614

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-12-11 15:00:00

Last updated 2024-08-06 17:15:21

Assigner mozilla

State PUBLISHED

Description

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.

← Browse all CVEs View on cve.org ↗