Описание
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 7.0.1+build1+nobinonly-0ubuntu1 |
| hardy | ignored | end of life |
| lucid | not-affected | |
| maverick | not-affected | 3.6.23+build1+nobinonly-0ubuntu0.10.10.1 |
| natty | released | 7.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| upstream | released | 7.0 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey b ...
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.
4.3 Medium
CVSS2