exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2015-0812

почти 11 лет назад

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.

CVSS2: 4.3

EPSS: Низкий

CVE-2015-0812

почти 11 лет назад

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.

CVSS2: 5.1

EPSS: Низкий

CVE-2015-0812

почти 11 лет назад

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.

CVSS2: 4.3

EPSS: Низкий

CVE-2015-0812

почти 11 лет назад

Mozilla Firefox before 37.0 does not require an HTTPS session for ligh ...

CVSS2: 4.3

EPSS: Низкий

GHSA-xp29-g429-j593

больше 3 лет назад

Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.

EPSS: Низкий

BDU:2015-09887

почти 11 лет назад

Уязвимость браузера Firefox, позволяющая удалённому злоумышленнику обойти ограничения безопасности

CVSS2: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-0812 Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.	CVSS2: 4.3	0% Низкий	почти 11 лет назад
CVE-2015-0812 Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.	CVSS2: 5.1	0% Низкий	почти 11 лет назад
CVE-2015-0812 Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.	CVSS2: 4.3	0% Низкий	почти 11 лет назад
CVE-2015-0812 Mozilla Firefox before 37.0 does not require an HTTPS session for ligh ...	CVSS2: 4.3	0% Низкий	почти 11 лет назад
GHSA-xp29-g429-j593 Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.		0% Низкий	больше 3 лет назад
BDU:2015-09887 Уязвимость браузера Firefox, позволяющая удалённому злоумышленнику обойти ограничения безопасности	CVSS2: 4.3	0% Низкий	почти 11 лет назад

Уязвимостей на страницу