{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2749?format=json","vulnerability_id":"VCID-rcjg-u9ug-7kgs","summary":"Mozilla developer Boris Zbarsky discovered that the debugger\nwill work with some objects while bypassing XrayWrappers. This could lead to\nprivilege escalation if the victim used the debugger to interact with a\nmalicious page.\nIn general this flaw cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but is\npotentially a risk in browser or browser-like contexts.","aliases":[{"alias":"CVE-2014-1526"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1146?format=json","purl":"pkg:mozilla/Firefox@29.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@29.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/1149?format=json","purl":"pkg:mozilla/Seamonkey@2.26.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Seamonkey@2.26.0"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1526","reference_id":"CVE-2014-1526","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1526"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2014-47","reference_id":"mfsa2014-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2014-47"}],"weaknesses":[],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcjg-u9ug-7kgs"}