[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115532

 
 

909

 
 

90034

 
 

140

Paid content will be excluded from the download.


Download | Alert*
OVAL

Spoofing vulnerability in Mozilla Firefox - CVE-2017-7815

ID: oval:org.secpod.oval:def:42271Date: (C)2017-10-10   (M)2018-11-17
Class: VULNERABILITYFamily: windows




Mozilla Firefox before 56.0 :- On pages containing an iframe, the data: protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view.

Platform:
Microsoft Windows Server 2003
Microsoft Windows 8
Microsoft Windows XP
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
Microsoft Windows 10
Product:
Mozilla Firefox
Reference:
CVE-2017-7815
CVE    1
CVE-2017-7815
CPE    2
cpe:/a:mozilla:firefox:::x64
cpe:/a:mozilla:firefox:::x86

© SecPod Technologies