Описание
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1 |
| devel | released | 2.0.0.6+1-0ubuntu1 |
| edgy | released | 2.0.0.6+0dfsg-0ubuntu0.6.10 |
| feisty | released | 2.0.0.6+1-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.0~alpha7-0ubuntu6 |
| edgy | DNE | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 0.5-0ubuntu4 |
| edgy | DNE | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 0.1.6b-0ubuntu2 |
| edgy | DNE | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | DNE | |
| edgy | not-affected | |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
2.6 Low
CVSS2
Связанные уязвимости
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
Firefox 1.0 does not invoke the Javascript Security Manager when a use ...
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
EPSS
2.6 Low
CVSS2