CVE-2014-8636 - OpenCVE

The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mozilla	Seamonkey Firefox

Configuration 1 [-]

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html
http://packetstormsecurity.com/files/130972/Firefox-Proxy-Prototype-Privileged-Javascript-Injection.html
http://secunia.com/advisories/62242
http://secunia.com/advisories/62250
http://secunia.com/advisories/62418
http://secunia.com/advisories/62446
http://secunia.com/advisories/62790
http://www.mozilla.org/security/announce/2014/mfsa2015-09.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/72041
http://www.securitytracker.com/id/1031533
https://bugzilla.mozilla.org/show_bug.cgi?id=987794
https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636
https://exchange.xforce.ibmcloud.com/vulnerabilities/99964
https://security.gentoo.org/glsa/201504-01

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2015-01-14T11:00:00

Updated: 2017-09-07T15:57:01

Reserved: 2014-11-06T00:00:00

Link: CVE-2014-8636

JSON object: View

NVD Information

Status : Modified

Published: 2015-01-14T11:59:05.570

Modified: 2017-09-08T01:29:25.997

Link: CVE-2014-8636

JSON object: View

Redhat Information

No data.

CWE

CWE-94

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-01-13T00:00:00", "descriptions": [{"lang": "en", "value": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T15:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636"}, {"name": "62242", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62242"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/130972/Firefox-Proxy-Prototype-Privileged-Javascript-Injection.html"}, {"name": "72041", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/72041"}, {"name": "1031533", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031533"}, {"name": "openSUSE-SU-2015:0192", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=987794"}, {"name": "firefox-cve20148636-sec-bypass(99964)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99964"}, {"name": "62250", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62250"}, {"name": "SUSE-SU-2015:0173", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html"}, {"name": "openSUSE-SU-2015:0077", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html"}, {"name": "62418", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62418"}, {"name": "SUSE-SU-2015:0171", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html"}, {"name": "GLSA-201504-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201504-01"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"name": "62790", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62790"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2014/mfsa2015-09.html"}, {"name": "62446", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62446"}, {"name": "SUSE-SU-2015:0180", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2014-8636", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636", "refsource": "MISC", "url": "https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636"}, {"name": "62242", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62242"}, {"name": "http://packetstormsecurity.com/files/130972/Firefox-Proxy-Prototype-Privileged-Javascript-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130972/Firefox-Proxy-Prototype-Privileged-Javascript-Injection.html"}, {"name": "72041", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72041"}, {"name": "1031533", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031533"}, {"name": "openSUSE-SU-2015:0192", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=987794", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=987794"}, {"name": "firefox-cve20148636-sec-bypass(99964)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99964"}, {"name": "62250", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62250"}, {"name": "SUSE-SU-2015:0173", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html"}, {"name": "openSUSE-SU-2015:0077", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html"}, {"name": "62418", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62418"}, {"name": "SUSE-SU-2015:0171", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html"}, {"name": "GLSA-201504-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201504-01"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"name": "62790", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62790"}, {"name": "http://www.mozilla.org/security/announce/2014/mfsa2015-09.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2014/mfsa2015-09.html"}, {"name": "62446", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62446"}, {"name": "SUSE-SU-2015:0180", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2014-8636", "datePublished": "2015-01-14T11:00:00", "dateReserved": "2014-11-06T00:00:00", "dateUpdated": "2017-09-07T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "48BDA1BA-1A04-4CD5-850A-0AB5990DAEA1", "versionEndIncluding": "34.0.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E929387-65C1-4D6E-976D-8DB6EEBDD58A", "versionEndIncluding": "2.31", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors."}, {"lang": "es", "value": "La implementaci\u00f3n XrayWrapper en Mozilla Firefox anterior a 35.0 y SeaMonkey anterior a 2.32 no interactua correctamente con un objeto DOM que tiene nombrado un getter nombrado, lo que podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo JavaScript arbitrario con privilegios chrome a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-8636", "lastModified": "2017-09-08T01:29:25.997", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-01-14T11:59:05.570", "references": [{"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html"}, {"source": "security@mozilla.org", "url": "http://packetstormsecurity.com/files/130972/Firefox-Proxy-Prototype-Privileged-Javascript-Injection.html"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/62242"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/62250"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/62418"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/62446"}, {"source": "security@mozilla.org", "url": "http://secunia.com/advisories/62790"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2014/mfsa2015-09.html"}, {"source": "security@mozilla.org", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"}, {"source": "security@mozilla.org", "url": "http://www.securityfocus.com/bid/72041"}, {"source": "security@mozilla.org", "url": "http://www.securitytracker.com/id/1031533"}, {"source": "security@mozilla.org", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=987794"}, {"source": "security@mozilla.org", "url": "https://community.rapid7.com/community/metasploit/blog/2015/03/23/r7-2015-04-disclosure-mozilla-firefox-proxy-prototype-rce-cve-2014-8636"}, {"source": "security@mozilla.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99964"}, {"source": "security@mozilla.org", "url": "https://security.gentoo.org/glsa/201504-01"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}