Описание
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 23.0~b2+build1-0ubuntu1 |
| lucid | ignored | end of life |
| precise | released | 22.0+build1-0ubuntu0.12.04.1 |
| quantal | released | 22.0+build1-0ubuntu0.12.10.1 |
| raring | released | 22.0+build1-0ubuntu0.13.04.1 |
| upstream | released | 22.0 |
Показывать по
EPSS
4 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Opti ...
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
EPSS
4 Medium
CVSS2