[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Spoofing vulnerability in Mozilla Firefox - CVE-2017-7815

ID: oval:org.secpod.oval:def:42271Date: (C)2017-10-10   (M)2018-06-26
Class: VULNERABILITYFamily: windows




Mozilla Firefox before 56.0 :- On pages containing an iframe, the data: protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view.

Platform:
Microsoft Windows Server 2003
Microsoft Windows 8
Microsoft Windows XP
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
Microsoft Windows 10
Product:
Mozilla Firefox
Reference:
CVE-2017-7815
CVE    1
CVE-2017-7815
CPE    2
cpe:/a:mozilla:firefox:::x86
cpe:/a:mozilla:firefox:::x64

© SecPod Technologies