Описание
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 3.6.7+build2+nobinonly-0ubuntu1 |
| hardy | ignored | end of life |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 3.6.7+build2+nobinonly-0ubuntu0.10.04.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 3.6.7+build2+nobinonly-0ubuntu0.8.04.1 |
| jaunty | released | 3.6.7+build2+nobinonly-0ubuntu0.9.04.1 |
| karmic | DNE | |
| lucid | DNE | |
| upstream | needs-triage | Ubuntu source uses 3.6.x |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | ignored | |
| karmic | released | 3.6.7+build2+nobinonly-0ubuntu0.9.10.1 |
| lucid | DNE | |
| upstream | needs-triage | Ubuntu source uses 3.6.x |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.9.2.7+build2+nobinonly-0ubuntu1 |
| hardy | released | 1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2 |
| jaunty | released | 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2 |
| karmic | released | 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2 |
| lucid | released | 1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1 |
| upstream | needs-triage |
Показывать по
EPSS
2.6 Low
CVSS2
Связанные уязвимости
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocS ...
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
EPSS
2.6 Low
CVSS2