Описание
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-7188
- https://bugzilla.mozilla.org/show_bug.cgi?id=1199430
- https://security.gentoo.org/glsa/201512-10
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
- http://rhn.redhat.com/errata/RHSA-2015-1982.html
- http://www.debian.org/security/2015/dsa-3393
- http://www.debian.org/security/2015/dsa-3410
- http://www.mozilla.org/security/announce/2015/mfsa2015-122.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/77411
- http://www.securitytracker.com/id/1034069
- http://www.ubuntu.com/usn/USN-2785-1
- http://www.ubuntu.com/usn/USN-2819-1
EPSS
CVE ID
Связанные уязвимости
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow rem ...
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю обойти правила ограничения домена и провести межсайтовое выполнение сценариев
EPSS