Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-1714

Опубликовано: 07 авг. 2013
Источник: debian
EPSS Низкий

Описание

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
iceweaselfixed17.0.8esr-1package
iceweaselend-of-lifesqueezepackage
icedovefixed17.0.8-1package
icedoveend-of-lifesqueezepackage
iceaperemovedpackage
iceapeend-of-lifesqueezepackage
iceapeend-of-lifewheezypackage

EPSS

Процентиль: 77%
0.01083
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2013-1714

ubuntu
около 12 лет назад

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

redhat логотип

CVE-2013-1714

redhat
около 12 лет назад

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

nvd логотип

CVE-2013-1714

nvd
около 12 лет назад

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

github логотип

GHSA-p7q2-jcwm-cgcm

github
больше 3 лет назад

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.

oracle-oval логотип

ELSA-2013-1142

oracle-oval
около 12 лет назад

ELSA-2013-1142: thunderbird security update (IMPORTANT)

EPSS

Процентиль: 77%
0.01083
Низкий