CVE-2016-5279

Опубликовано: 22 сент. 2016

Источник: debian

EPSS Низкий

Описание

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
firefox	fixed	49.0-1		package
firefox-esr	not-affected			package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/

EPSS

Процентиль: 59%

0.00375

Низкий

Связанные уязвимости

CVE-2016-5279

CVSS3: 4.3

ubuntu

больше 9 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

CVE-2016-5279

CVSS3: 4.3

redhat

больше 9 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

CVE-2016-5279

CVSS3: 4.3

nvd

больше 9 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

GHSA-rwgx-gvrc-xv45

CVSS3: 4.3

github

больше 3 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

openSUSE-SU-2016:2368-1

suse-cvrf

больше 9 лет назад

Security update for MozillaFirefox, mozilla-nss

EPSS

Процентиль: 59%

0.00375

Низкий