Описание
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 129.0-1 | package | |
| thunderbird | fixed | 1:128.3.0esr-1 | package | |
| thunderbird | not-affected | bookworm | package | |
| thunderbird | not-affected | bullseye | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-8900
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/#CVE-2024-8900
EPSS
Связанные уязвимости
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129.
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать воздействие на целостность данных
EPSS