Mozilla Thunderbird CVE-2014-1505 Information Disclosure Vulnerability

description-logoDescription

Mozilla developer Robert O'Callahan reported a mechanism for timing attacks involving SVG filters and displacements input to feDisplacementMap. This allows displacements to potentially be correlated with values derived from content. This is similar to the previously reported techniques used for SVG timing attacks and could allow for text values to be read across domains, leading to information disclosure.

affected-products-logoAffected Applications

Thunderbird

CVE References

CVE-2014-1505