Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9895

Опубликовано: 11 июн. 2018
Источник: debian

Описание

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed50.1.0-1package
firefox-esrfixed45.6.0esr-1package
icedovefixed1:45.6.0-2package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9895

  • https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9895

Связанные уязвимости

ubuntu логотип

CVE-2016-9895

CVSS3: 6.1
ubuntu
больше 7 лет назад

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

redhat логотип

CVE-2016-9895

CVSS3: 6.1
redhat
почти 9 лет назад

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

nvd логотип

CVE-2016-9895

CVSS3: 6.1
nvd
больше 7 лет назад

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

github логотип

GHSA-q8q4-9m7f-q3rp

CVSS3: 6.1
github
больше 3 лет назад

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

oracle-oval логотип

ELSA-2016-2973

oracle-oval
почти 9 лет назад

ELSA-2016-2973: thunderbird security update (IMPORTANT)