Mozilla Foundation Security Advisory 2014-05

Information disclosure with *FromPoint on iframes

Announced

February 4, 2014

Reporter

Jordan Milne

Impact

Moderate

Products

Firefox, SeaMonkey

Fixed in

Firefox 27
SeaMonkey 2.24

Description

Security researcher Jordan Milne reported an information leak where document.caretPositionFromPoint and document.elementFromPoint functions could be used on a cross-origin iframe to gain information on the iframe's DOM and other attributes through a timing attack, violating same-origin policy.

In general this flaw cannot be exploited through email in the Seamonkey product because scripting is disabled in mail, but is potentially a risk in browser or browser-like contexts.

References

caretPositionFromPoint and elementFromPoint leak information about iframe contents via timing information (CVE-2014-1483)

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice

Mozilla Foundation Security Advisory 2014-05

Information disclosure with *FromPoint on iframes

Description

References