CVE-2016-5279

Опубликовано: 20 сент. 2016

Источник: redhat

CVSS3: 4.3

CVSS2: 5.1

Описание

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	firefox	Not affected
Red Hat Enterprise Linux 5	thunderbird	Not affected
Red Hat Enterprise Linux 6	firefox	Not affected
Red Hat Enterprise Linux 6	thunderbird	Not affected
Red Hat Enterprise Linux 7	firefox	Not affected
Red Hat Enterprise Linux 7	thunderbird	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1377673Mozilla: Full local path of files is available to web pages after drag and drop (MFSA 2016-85)

4.3 Medium

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2016-5279

CVSS3: 4.3

ubuntu

больше 9 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

CVE-2016-5279

CVSS3: 4.3

nvd

больше 9 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

CVE-2016-5279

CVSS3: 4.3

debian

больше 9 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to o ...

GHSA-rwgx-gvrc-xv45

CVSS3: 4.3

github

больше 3 лет назад

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

openSUSE-SU-2016:2368-1

suse-cvrf

больше 9 лет назад

Security update for MozillaFirefox, mozilla-nss

4.3 Medium

CVSS3

5.1 Medium

CVSS2