Количество 13
Количество 13
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cp ...
GHSA-hh86-fc79-9mq4
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
BDU:2016-00764
Уязвимость почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
ELSA-2016-0460
ELSA-2016-0460: thunderbird security update (IMPORTANT)
ELSA-2016-0373
ELSA-2016-0373: firefox security update (CRITICAL)
openSUSE-SU-2016:0876-1
Security update for MozillaThunderbird
SUSE-SU-2016:0909-1
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss
SUSE-SU-2016:0777-1
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss
SUSE-SU-2016:0727-1
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss
openSUSE-SU-2016:0731-1
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-1954 The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | CVSS3: 8.8 | 5% Низкий | больше 9 лет назад |
 | CVE-2016-1954 The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | CVSS2: 4.3 | 5% Низкий | больше 9 лет назад |
 | CVE-2016-1954 The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | CVSS3: 8.8 | 5% Низкий | больше 9 лет назад |
| CVE-2016-1954 The nsCSPContext::SendReports function in dom/security/nsCSPContext.cp ... | CVSS3: 8.8 | 5% Низкий | больше 9 лет назад |
| GHSA-hh86-fc79-9mq4 The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | CVSS3: 8.8 | 5% Низкий | больше 3 лет назад |
 | BDU:2016-00764 Уязвимость почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии | CVSS2: 6.8 | 5% Низкий | больше 9 лет назад |
| ELSA-2016-0460 ELSA-2016-0460: thunderbird security update (IMPORTANT) | больше 9 лет назад | ||
| ELSA-2016-0373 ELSA-2016-0373: firefox security update (CRITICAL) | больше 9 лет назад | ||
 | openSUSE-SU-2016:0876-1 Security update for MozillaThunderbird | больше 9 лет назад | ||
| SUSE-SU-2016:0909-1 Security update for MozillaFirefox, mozilla-nspr, mozilla-nss | больше 9 лет назад | ||
| SUSE-SU-2016:0777-1 Security update for MozillaFirefox, mozilla-nspr, mozilla-nss | больше 9 лет назад | ||
| SUSE-SU-2016:0727-1 Security update for MozillaFirefox, mozilla-nspr, mozilla-nss | больше 9 лет назад | ||
| openSUSE-SU-2016:0731-1 Security update for MozillaFirefox, mozilla-nspr, mozilla-nss | больше 9 лет назад |
Уязвимостей на страницу