CVE Kennung:	CVE-2014-1583
Beschreibung:	The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.850780   1.3.6.1.4.1.25623.1.0.850810   1.3.6.1.4.1.25623.1.0.851010   1.3.6.1.4.1.25623.1.1.4.2014.1458.1   1.3.6.1.4.1.25623.1.1.4.2014.1458.3   1.3.6.1.4.1.25623.1.1.4.2014.1458.2   1.3.6.1.4.1.25623.1.1.4.2014.1385.1
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1583 BugTraq ID: 70424 http://www.securityfocus.com/bid/70424 Debian Security Information: DSA-3050 (Google Search) http://www.debian.org/security/2014/dsa-3050 http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2014:1635 http://rhn.redhat.com/errata/RHSA-2014-1635.html http://www.securitytracker.com/id/1031028 http://www.securitytracker.com/id/1031030 http://secunia.com/advisories/61854 http://secunia.com/advisories/62022 http://secunia.com/advisories/62023 SuSE Security Announcement: openSUSE-SU-2014:1344 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html SuSE Security Announcement: openSUSE-SU-2014:1345 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html http://www.ubuntu.com/usn/USN-2372-1