Описание
When delegating navigations to the operating system, Firefox would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | Windows only |
| devel | not-affected | Windows only |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | not-affected | Windows only |
| hirsute | not-affected | Windows only |
| impish | not-affected | Windows only |
| jammy | not-affected | Windows only |
| kinetic | not-affected | Windows only |
| lunar | not-affected | Windows only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/focal | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | ignored | |
| focal | ignored | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/jammy | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
| jammy | ignored | |
| kinetic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | Windows only |
| devel | not-affected | Windows only |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | not-affected | Windows only |
| hirsute | not-affected | Windows only |
| impish | not-affected | Windows only |
| jammy | not-affected | Windows only |
| kinetic | not-affected | Windows only |
| lunar | not-affected | Windows only |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
When delegating navigations to the operating system, Firefox would acc ...
When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
EPSS
4.3 Medium
CVSS2
6.5 Medium
CVSS3