Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-7825

Опубликовано: 11 июн. 2018
Источник: nvd
CVSS3: 5.3
CVSS2: 5
EPSS Низкий

Описание

Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия до 56.0 (исключая)
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Версия до 52.4.0 (исключая)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Версия до 52.4.0 (исключая)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.0171
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2017-7825

CVSS3: 5.3
ubuntu
около 7 лет назад

Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

redhat логотип

CVE-2017-7825

CVSS3: 6.1
redhat
почти 8 лет назад

Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

debian логотип

CVE-2017-7825

CVSS3: 5.3
debian
около 7 лет назад

Several fonts on OS X display some Tibetan and Arabic characters as wh ...

github логотип

GHSA-3mv8-qr3m-89rv

CVSS3: 5.3
github
около 3 лет назад

Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

fstec логотип

BDU:2021-00025

CVSS3: 5.3
fstec
почти 8 лет назад

Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c недостаточной проверкой вводимых данных, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 82%
0.0171
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20