← back
CVE-2014-8632

CVE-2014-8632

EPSS 1.0%
The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1050340https://security.gentoo.org/glsa/201504-01http://www.mozilla.org/security/announce/2014/mfsa2014-91.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html