Описание
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 38.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [38.0+build3-0ubuntu0.14.04.1]] |
| precise | released | 38.0+build3-0ubuntu0.12.04.1 |
| trusty | released | 38.0+build3-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [38.0+build3-0ubuntu0.14.04.1] |
| upstream | released | 38.0 |
| utopic | released | 38.0+build3-0ubuntu0.14.10.1 |
| vivid | released | 38.0+build3-0ubuntu0.15.04.1 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote ...
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
4.3 Medium
CVSS2