Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-5593

Опубликовано: 29 окт. 2013
Источник: redhat
CVSS2: 4.3

Описание

The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.

Отчет

This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5 and 6

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5firefoxNot affected
Red Hat Enterprise Linux 5thunderbirdNot affected
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1023836Mozilla: Spoofing addressbar though SELECT element (MFSA 2013-94)

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-5593

ubuntu
больше 12 лет назад

The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.

nvd логотип

CVE-2013-5593

nvd
больше 12 лет назад

The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.

debian логотип

CVE-2013-5593

debian
больше 12 лет назад

The SELECT element implementation in Mozilla Firefox before 25.0, Fire ...

github логотип

GHSA-5qh6-rg6v-wmmc

github
больше 3 лет назад

The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.

4.3 Medium

CVSS2