Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-1527

Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen.

Published

2014-04-30T10:49:04.910

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	fedoraproject	fedora	19	Yes
Application	mozilla	firefox	≤ 28.0	Yes
Application	mozilla	firefox	0.1	Yes
Application	mozilla	firefox	0.2	Yes
Application	mozilla	firefox	0.3	Yes
Application	mozilla	firefox	0.4	Yes
Application	mozilla	firefox	0.5	Yes
Application	mozilla	firefox	0.6	Yes
Application	mozilla	firefox	0.6.1	Yes
Application	mozilla	firefox	0.7	Yes
Application	mozilla	firefox	0.7.1	Yes
Application	mozilla	firefox	0.8	Yes
Application	mozilla	firefox	0.9	Yes
Application	mozilla	firefox	0.9	Yes
Application	mozilla	firefox	0.9.1	Yes
Application	mozilla	firefox	0.9.2	Yes
Application	mozilla	firefox	0.9.3	Yes
Application	mozilla	firefox	0.10	Yes
Application	mozilla	firefox	0.10.1	Yes
Application	mozilla	firefox	1.0	Yes
Application	mozilla	firefox	1.0	Yes
Application	mozilla	firefox	1.0.1	Yes
Application	mozilla	firefox	1.0.2	Yes
Application	mozilla	firefox	1.0.3	Yes
Application	mozilla	firefox	1.0.4	Yes
Application	mozilla	firefox	1.0.5	Yes
Application	mozilla	firefox	1.0.6	Yes
Application	mozilla	firefox	1.0.7	Yes
Application	mozilla	firefox	1.0.8	Yes
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5	Yes
Application	mozilla	firefox	1.5.0.1	Yes
Application	mozilla	firefox	1.5.0.2	Yes
Application	mozilla	firefox	1.5.0.3	Yes
Application	mozilla	firefox	1.5.0.4	Yes
Application	mozilla	firefox	1.5.0.5	Yes
Application	mozilla	firefox	1.5.0.6	Yes
Application	mozilla	firefox	1.5.0.7	Yes
Application	mozilla	firefox	1.5.0.8	Yes
Application	mozilla	firefox	1.5.0.9	Yes
Application	mozilla	firefox	1.5.0.10	Yes
Application	mozilla	firefox	1.5.0.11	Yes
Application	mozilla	firefox	1.5.0.12	Yes
Application	mozilla	firefox	1.5.1	Yes
Application	mozilla	firefox	1.5.2	Yes
Application	mozilla	firefox	1.5.3	Yes
Application	mozilla	firefox	1.5.4	Yes
Application	mozilla	firefox	1.5.5	Yes
Application	mozilla	firefox	1.5.6	Yes
Application	mozilla	firefox	1.5.7	Yes
Application	mozilla	firefox	1.5.8	Yes
Application	mozilla	firefox	2.0	Yes
Application	mozilla	firefox	2.0.0.1	Yes
Application	mozilla	firefox	2.0.0.2	Yes
Application	mozilla	firefox	2.0.0.3	Yes
Application	mozilla	firefox	2.0.0.4	Yes
Application	mozilla	firefox	2.0.0.5	Yes
Application	mozilla	firefox	2.0.0.6	Yes
Application	mozilla	firefox	2.0.0.7	Yes
Application	mozilla	firefox	2.0.0.8	Yes
Application	mozilla	firefox	2.0.0.9	Yes
Application	mozilla	firefox	2.0.0.10	Yes
Application	mozilla	firefox	2.0.0.11	Yes
Application	mozilla	firefox	2.0.0.12	Yes
Application	mozilla	firefox	2.0.0.13	Yes
Application	mozilla	firefox	2.0.0.14	Yes
Application	mozilla	firefox	2.0.0.15	Yes
Application	mozilla	firefox	2.0.0.16	Yes
Application	mozilla	firefox	2.0.0.17	Yes
Application	mozilla	firefox	2.0.0.18	Yes
Application	mozilla	firefox	2.0.0.19	Yes
Application	mozilla	firefox	2.0.0.20	Yes
Application	mozilla	firefox	3.0	Yes
Application	mozilla	firefox	3.0.1	Yes
Application	mozilla	firefox	3.0.2	Yes
Application	mozilla	firefox	3.0.3	Yes
Application	mozilla	firefox	3.0.4	Yes
Application	mozilla	firefox	3.0.5	Yes
Application	mozilla	firefox	3.0.6	Yes
Application	mozilla	firefox	3.0.7	Yes
Application	mozilla	firefox	3.0.8	Yes
Application	mozilla	firefox	3.0.9	Yes
Application	mozilla	firefox	3.0.10	Yes
Application	mozilla	firefox	3.0.11	Yes
Application	mozilla	firefox	3.0.12	Yes
Application	mozilla	firefox	3.0.13	Yes
Application	mozilla	firefox	3.0.14	Yes
Application	mozilla	firefox	3.0.15	Yes
Application	mozilla	firefox	3.0.16	Yes
Application	mozilla	firefox	3.0.17	Yes
Application	mozilla	firefox	3.0.18	Yes
Application	mozilla	firefox	3.0.19	Yes
Application	mozilla	firefox	3.5	Yes
Application	mozilla	firefox	3.5.1	Yes
Application	mozilla	firefox	3.5.2	Yes
Application	mozilla	firefox	3.5.3	Yes
Application	mozilla	firefox	3.5.4	Yes
Application	mozilla	firefox	3.5.5	Yes
Application	mozilla	firefox	3.5.6	Yes
Application	mozilla	firefox	3.5.7	Yes
Application	mozilla	firefox	3.5.8	Yes
Application	mozilla	firefox	3.5.9	Yes
Application	mozilla	firefox	3.5.10	Yes
Application	mozilla	firefox	3.5.11	Yes
Application	mozilla	firefox	3.5.12	Yes
Application	mozilla	firefox	3.5.13	Yes
Application	mozilla	firefox	3.5.14	Yes
Application	mozilla	firefox	3.5.15	Yes
Application	mozilla	firefox	3.5.16	Yes
Application	mozilla	firefox	3.5.17	Yes
Application	mozilla	firefox	3.5.18	Yes
Application	mozilla	firefox	3.5.19	Yes
Application	mozilla	firefox	3.6	Yes
Application	mozilla	firefox	3.6.2	Yes
Application	mozilla	firefox	3.6.3	Yes
Application	mozilla	firefox	3.6.4	Yes
Application	mozilla	firefox	3.6.6	Yes
Application	mozilla	firefox	3.6.7	Yes
Application	mozilla	firefox	3.6.8	Yes
Application	mozilla	firefox	3.6.9	Yes
Application	mozilla	firefox	3.6.10	Yes
Application	mozilla	firefox	3.6.11	Yes
Application	mozilla	firefox	3.6.12	Yes
Application	mozilla	firefox	3.6.13	Yes
Application	mozilla	firefox	3.6.14	Yes
Application	mozilla	firefox	3.6.15	Yes
Application	mozilla	firefox	3.6.16	Yes
Application	mozilla	firefox	3.6.17	Yes
Application	mozilla	firefox	3.6.18	Yes
Application	mozilla	firefox	3.6.19	Yes
Application	mozilla	firefox	3.6.20	Yes
Application	mozilla	firefox	3.6.21	Yes
Application	mozilla	firefox	3.6.22	Yes
Application	mozilla	firefox	3.6.23	Yes
Application	mozilla	firefox	3.6.24	Yes
Application	mozilla	firefox	3.6.25	Yes
Application	mozilla	firefox	3.6.26	Yes
Application	mozilla	firefox	3.6.27	Yes
Application	mozilla	firefox	3.6.28	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0	Yes
Application	mozilla	firefox	4.0.1	Yes
Application	mozilla	firefox	5.0	Yes
Application	mozilla	firefox	5.0.1	Yes
Application	mozilla	firefox	6.0	Yes
Application	mozilla	firefox	6.0.1	Yes
Application	mozilla	firefox	6.0.2	Yes
Application	mozilla	firefox	7.0	Yes
Application	mozilla	firefox	7.0.1	Yes
Application	mozilla	firefox	8.0	Yes
Application	mozilla	firefox	8.0.1	Yes
Application	mozilla	firefox	9.0	Yes
Application	mozilla	firefox	9.0.1	Yes
Application	mozilla	firefox	10.0	Yes
Application	mozilla	firefox	10.0.1	Yes
Application	mozilla	firefox	10.0.2	Yes
Application	mozilla	firefox	10.0.3	Yes
Application	mozilla	firefox	10.0.4	Yes
Application	mozilla	firefox	10.0.5	Yes
Application	mozilla	firefox	10.0.6	Yes
Application	mozilla	firefox	10.0.7	Yes
Application	mozilla	firefox	10.0.8	Yes
Application	mozilla	firefox	10.0.9	Yes
Application	mozilla	firefox	10.0.10	Yes
Application	mozilla	firefox	10.0.11	Yes
Application	mozilla	firefox	10.0.12	Yes
Application	mozilla	firefox	11.0	Yes
Application	mozilla	firefox	12.0	Yes
Application	mozilla	firefox	12.0	Yes
Application	mozilla	firefox	13.0	Yes
Application	mozilla	firefox	13.0.1	Yes
Application	mozilla	firefox	14.0	Yes
Application	mozilla	firefox	14.0.1	Yes
Application	mozilla	firefox	15.0	Yes
Application	mozilla	firefox	15.0.1	Yes
Application	mozilla	firefox	16.0	Yes
Application	mozilla	firefox	16.0.1	Yes
Application	mozilla	firefox	16.0.2	Yes
Application	mozilla	firefox	17.0.2	Yes
Application	mozilla	firefox	17.0.3	Yes
Application	mozilla	firefox	17.0.4	Yes
Application	mozilla	firefox	17.0.5	Yes
Application	mozilla	firefox	17.0.6	Yes
Application	mozilla	firefox	17.0.7	Yes
Application	mozilla	firefox	17.0.8	Yes
Application	mozilla	firefox	17.0.9	Yes
Application	mozilla	firefox	17.0.10	Yes
Application	mozilla	firefox	17.0.11	Yes
Application	mozilla	firefox	18.0	Yes
Application	mozilla	firefox	18.0.1	Yes
Application	mozilla	firefox	18.0.2	Yes
Application	mozilla	firefox	19.0	Yes
Application	mozilla	firefox	19.0.1	Yes
Application	mozilla	firefox	19.0.2	Yes
Application	mozilla	firefox	20.0	Yes
Application	mozilla	firefox	20.0.1	Yes
Application	mozilla	firefox	21.0	Yes
Application	mozilla	firefox	23.0	Yes
Application	mozilla	firefox	23.0.1	Yes
Application	mozilla	firefox	24.0	Yes
Application	mozilla	firefox	24.1	Yes
Application	mozilla	firefox	24.1.1	Yes
Application	mozilla	firefox	25.0	Yes
Application	mozilla	firefox	25.0.1	Yes
Application	mozilla	firefox	26.0	Yes
Application	mozilla	firefox	27.0	Yes
Application	mozilla	firefox	27.0.1	Yes
Operating System	google	android	*	No
Operating System	oracle	solaris	11.3	Yes

References

http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html Third Party Advisory ([email protected])
http://www.mozilla.org/security/announce/2014/mfsa2014-40.html Vendor Advisory ([email protected])
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory ([email protected])
http://www.securitytracker.com/id/1030163 Third Party Advisory, VDB Entry ([email protected])
https://bugzilla.mozilla.org/show_bug.cgi?id=960146 Issue Tracking ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2014/mfsa2014-40.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1030163 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=960146 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)