Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-37207

Опубликовано: 05 июл. 2023
Источник: debian

Описание

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed115.0-1package
firefox-esrfixed102.13.0esr-1package
thunderbirdfixed1:102.13.0-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2023-22/#CVE-2023-37207

  • https://www.mozilla.org/en-US/security/advisories/mfsa2023-23/#CVE-2023-37207

  • https://www.mozilla.org/en-US/security/advisories/mfsa2023-24/#CVE-2023-37207

Связанные уязвимости

ubuntu логотип

CVE-2023-37207

CVSS3: 6.5
ubuntu
больше 2 лет назад

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

redhat логотип

CVE-2023-37207

CVSS3: 6.1
redhat
больше 2 лет назад

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

nvd логотип

CVE-2023-37207

CVSS3: 6.5
nvd
больше 2 лет назад

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

github логотип

GHSA-jpg7-857p-mpqg

CVSS3: 6.5
github
больше 2 лет назад

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

fstec логотип

BDU:2023-04019

CVSS3: 6.5
fstec
больше 2 лет назад

Уязвимость полноэкранного уведомления браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить спуфинг-атаки