Описание
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| precise | not-affected | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | released | 42.0 |
| vivid | not-affected | |
| wily | not-affected |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
Mozilla Firefox before 42.0 on Android does not ensure that the addres ...
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
Уязвимость браузера Firefox, позволяющая нарушителю подменить адресную строку
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey
4.3 Medium
CVSS2