Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-2362

Опубликовано: 21 июн. 2011
Источник: redhat
CVSS2: 5.1

Описание

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=714583Mozilla Cookie isolation error (MFSA 2011-24)

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-2362

ubuntu
больше 14 лет назад

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

nvd логотип

CVE-2011-2362

nvd
больше 14 лет назад

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

debian логотип

CVE-2011-2362

debian
больше 14 лет назад

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonke ...

github логотип

GHSA-94rr-f3c7-jj57

github
почти 4 года назад

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.

oracle-oval логотип

ELSA-2011-0886

oracle-oval
почти 15 лет назад

ELSA-2011-0886: thunderbird security update (CRITICAL)

5.1 Medium

CVSS2