Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9904

Опубликовано: 11 июн. 2018
Источник: debian

Описание

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed50.1.0-1package
firefox-esrfixed45.6.0esr-1package
icedovefixed1:45.6.0-2package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/#CVE-2016-9904

  • https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/#CVE-2016-9904

Связанные уязвимости

ubuntu логотип

CVE-2016-9904

CVSS3: 7.5
ubuntu
больше 7 лет назад

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

redhat логотип

CVE-2016-9904

CVSS3: 7.5
redhat
почти 9 лет назад

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

nvd логотип

CVE-2016-9904

CVSS3: 7.5
nvd
больше 7 лет назад

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

github логотип

GHSA-h92w-5p82-frc3

CVSS3: 7.5
github
больше 3 лет назад

An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

suse-cvrf логотип

SUSE-SU-2016:3223-1

suse-cvrf
почти 9 лет назад

Security update for MozillaFirefox