Описание
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 52.0.1+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [52.0+build2-0ubuntu0.14.04.1]] |
| precise | released | 52.0+build2-0ubuntu0.12.04.1 |
| trusty | released | 52.0+build2-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [52.0+build2-0ubuntu0.14.04.1] |
| upstream | released | 52.0 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 52.0+build2-0ubuntu0.16.04.1 |
| yakkety | released | 52.0+build2-0ubuntu0.16.10.1 |
Показывать по
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52.
When dragging content from the primary browser pane to the addressbar ...
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52.
5 Medium
CVSS2
5.3 Medium
CVSS3