[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

WebRTC permission prompt could have been bypassed by a compromised content process - CVE-2020-12424

ID: oval:org.secpod.oval:def:64068Date: (C)2020-07-02   (M)2023-11-19
Class: VULNERABILITYFamily: macos




Mozilla Firefox 78 : When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.9
Apple Mac OS X 10.10
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Apple Mac OS X 10.13
Apple Mac OS X 10.14
Apple Mac OS X 10.15
Product:
Mozilla Firefox
Mozilla Thunderbird
Reference:
CVE-2020-12424
CVE    1
CVE-2020-12424

© SecPod Technologies