CVE-2016-1937

Опубликовано: 31 янв. 2016

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.

Релиз	Статус	Примечание
devel	released	44.0+build3-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [44.0+build3-0ubuntu0.14.04.1]]
precise	released	44.0+build3-0ubuntu0.12.04.1
trusty	released	44.0+build3-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [44.0+build3-0ubuntu0.14.04.1]
upstream	released	44.0
vivid	released	44.0+build3-0ubuntu0.15.04.1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	released	44.0+build3-0ubuntu0.15.10.1

Показывать по

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
precise	not-affected
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	not-affected
vivid	not-affected
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 57%

0.00353

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2016-1937

redhat

около 10 лет назад

CVE-2016-1937

CVSS3: 6.1

nvd

около 10 лет назад

CVE-2016-1937

CVSS3: 6.1

debian

около 10 лет назад

The protocol-handler dialog in Mozilla Firefox before 44.0 allows remo ...

GHSA-c8cc-37rm-6jp9

CVSS3: 6.1

github

больше 3 лет назад

openSUSE-SU-2016:0309-1

suse-cvrf

около 10 лет назад

Security update for the MozillaFirefox, mozilla-nss and mozilla-nspr

EPSS

Процентиль: 57%

0.00353

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2016-1937

Описание

Пакет firefox

Пакет thunderbird

Ссылки на источники

Связанные уязвимости