Описание
If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 56.0+build6-0ubuntu1 |
| bionic | released | 56.0+build6-0ubuntu1 |
| devel | released | 56.0+build6-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [56.0+build6-0ubuntu0.14.04.1]] |
| precise/esm | DNE | |
| trusty | released | 56.0+build6-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [56.0+build6-0ubuntu0.14.04.1] |
| upstream | released | 56.0 |
| vivid/ubuntu-core | DNE | |
| xenial | released | 56.0+build6-0ubuntu0.16.04.1 |
Показывать по
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.
If web content on a page is dragged onto portions of the browser UI, s ...
If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.
Уязвимость браузера Mozilla Firefox, связанная с отсутствием защиты служебных данных, позволяющая нарушителю проводить межсайтовые сценарные атаки
5 Medium
CVSS2
5.3 Medium
CVSS3