Описание
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 54.0+build3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [53.0+build6-0ubuntu0.14.04.1]] |
| precise | ignored | |
| precise/esm | DNE | precise was ignored |
| trusty | released | 53.0+build6-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [53.0+build6-0ubuntu0.14.04.1] |
| upstream | released | 53.0 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 53.0+build6-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:52.1.1+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:52.1.1+build1-0ubuntu0.14.04.1]] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | released | 1:52.1.1+build1-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1:52.1.1+build1-0ubuntu0.14.04.1] |
| upstream | released | 52.1.1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1:52.1.1+build1-0ubuntu0.16.04.1 |
Показывать по
EPSS
4.3 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
A mechanism to spoof the addressbar through the user interaction on th ...
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
Уязвимость механизма подмены адресной строки через взаимодействие пользователя с адресной строкой и событием «onblur» браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю проводить спуфинг-атаки
EPSS
4.3 Medium
CVSS2
4.3 Medium
CVSS3