Описание
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| lucid | ignored | end of life |
| precise | released | 26.0+build2-0ubuntu0.12.04.2 |
| quantal | released | 26.0+build2-0ubuntu0.12.10.2 |
| raring | released | 26.0+build2-0ubuntu0.13.04.2 |
| saucy | released | 26.0+build2-0ubuntu0.13.10.2 |
| upstream | released | 26.0 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly ...
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
EPSS
4.3 Medium
CVSS2