CVE-2015-0819

Опубликовано: 25 фев. 2015

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Уязвимость спуфинга и clickjacking атак в Mozilla Firefox из-за некорректной верификации источника API-запроса в функции UITour::onPageEvent

Описание

Функция UITour::onPageEvent в Mozilla Firefox до версии 36.0 не гарантирует, что вызов API исходит из активной вкладки. Это позволяет злоумышленникам осуществлять атаки типа спуфинг и clickjacking, используя доступ к веб-сайту UI Tour.

Затронутые версии ПО

Mozilla Firefox версии до 36.0

Тип уязвимости

Спуфинг
Clickjacking

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-26.html
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/72759
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031791
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2505-1
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1079554
Issue Tracking
https://security.gentoo.org/glsa/201504-01
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-26.html
Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securityfocus.com/bid/72759
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031791
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2505-1
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1079554
Issue Tracking
https://security.gentoo.org/glsa/201504-01

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Версия до 35.0.1 (включая)

cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.5.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.23:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.24:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.25:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.26:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.27:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.6.28:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:10.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:13.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:14.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:14.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:15.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:15.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:16.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:16.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:16.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:17.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:18.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:18.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:18.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:21.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:22.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:23.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:23.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:24.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:25.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:25.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:26.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:27.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:27.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:28.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:29.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:29.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:32.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:33.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:34.0.5:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00913

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-19

Связанные уязвимости

CVE-2015-0819

ubuntu

почти 11 лет назад

The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.

CVE-2015-0819

redhat

почти 11 лет назад

CVE-2015-0819

debian

почти 11 лет назад

The UITour::onPageEvent function in Mozilla Firefox before 36.0 does n ...

GHSA-gvgq-xwmc-59cp

github

больше 3 лет назад

EPSS

Процентиль: 76%

0.00913

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-19