CVE-2014-1499

CVE Database · CVE-2014-1499

CVE-2014-1499

· N/AModified

CVSS v3.1

N/A

EPSS

1.94%

Published

Mar 19, 2014

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

Affected Products (10)

suse · linux_enterprise_desktopvulnerable

suse · linux_enterprise_servervulnerable

suse · linux_enterprise_software_development_kitvulnerable

mozilla · seamonkey (up to 2.25)vulnerable

oracle · solarisvulnerable

mozilla · firefox (up to 28.0)vulnerable

opensuse · opensusevulnerable

opensuse_project · opensusevulnerable

opensuse_project · opensuse

References (16)

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html

Mailing ListThird Party Advisory

http://www.mozilla.org/security/announce/2014/mfsa2014-19.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs