Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-4520

Опубликовано: 24 сент. 2015
Источник: ubuntu
Приоритет: medium
CVSS2: 6.4

Описание

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.

РелизСтатусПримечание
devel

released

41.0+build3-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [41.0+build3-0ubuntu0.14.04.1]]
precise

released

41.0+build3-0ubuntu0.12.04.1
trusty

released

41.0+build3-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [41.0+build3-0ubuntu0.14.04.1]
upstream

released

41.0
vivid

released

41.0+build3-0ubuntu0.15.04.1

Показывать по

РелизСтатусПримечание
devel

released

1:38.3.0+build1-0ubuntu2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1:38.3.0+build1-0ubuntu0.14.04.1]]
precise

released

1:38.3.0+build1-0ubuntu0.12.04.1
trusty

released

1:38.3.0+build1-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1:38.3.0+build1-0ubuntu0.14.04.1]
upstream

released

38.3.0
vivid

released

1:38.3.0+build1-0ubuntu0.15.04.1

Показывать по

Ссылки на источники

6.4 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-4520

redhat
почти 10 лет назад

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.

nvd логотип

CVE-2015-4520

nvd
почти 10 лет назад

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.

debian логотип

CVE-2015-4520

debian
почти 10 лет назад

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow rem ...

github логотип

GHSA-47pc-q6hv-5vfj

github
больше 3 лет назад

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.

fstec логотип

BDU:2015-11524

fstec
почти 10 лет назад

Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю обойти механизм защиты CORS

6.4 Medium

CVSS2