Уязвимость CVE-2016-9075

Пакет	Статус	Версия исправления	Релиз	Тип
firefox	fixed	50.0-1		package
firefox-esr	not-affected			package

CVE-2016-9075

CVSS3: 9.8

ubuntu

больше 7 лет назад

An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.

CVE-2016-9075

CVSS3: 9.8

redhat

около 9 лет назад

An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.

CVE-2016-9075

CVSS3: 9.8

nvd

больше 7 лет назад

An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.

GHSA-vf79-gc8c-5h95

CVSS3: 9.8

github

больше 3 лет назад

An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.

openSUSE-SU-2016:2861-1

suse-cvrf

около 9 лет назад

Security update for MozillaFirefox, mozilla-nss

exploitDog

CVE-2016-9075

Описание

Пакеты

Связанные уязвимости