Описание
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | released | 3.6.23+build1+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 3.6.23+build1+nobinonly-0ubuntu0.10.10.1 |
| natty | released | 7.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | not-affected | 2.4.1-0ubuntu1 |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | released | 3.1.15+build1+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 3.1.15+build1+nobinonly-0ubuntu0.10.10.1 |
| natty | released | 3.1.15+build1+nobinonly-0ubuntu0.11.04.1 |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | released | 1.9.2.23+build1+nobinonly-0ubuntu0.10.04.1 |
| maverick | released | 1.9.2.23+build1+nobinonly-0ubuntu0.10.10.1 |
| natty | released | 1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1 |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | ignored | end of life |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE |
Показывать по
3.5 Low
CVSS2
Связанные уязвимости
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7. ...
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
3.5 Low
CVSS2