[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Firefox, Thunderbird - (bulletinoct2017)

ID: oval:org.secpod.oval:def:2101470Date: (C)2020-01-14   (M)2022-01-13
Class: PATCHFamily: unix




The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.

Platform:
Sun Solaris 11
Product:
web/data/firefox-bookmarks
web/browser/firefox
web/browser/firefox/plugin/firefox-java
mail/thunderbird
mail/thunderbird/plugin/thunderbird-lightning
Reference:
bulletinoct2017
CVE-2017-7823
CVE-2017-7783
CVE-2017-7793
CVE-2017-7797
CVE-2017-7805
CVE-2017-7806
CVE-2017-7810
CVE-2017-7814
CVE-2017-7818
CVE-2017-7819
CVE-2017-7824
CVE-2017-7825
CVE    12
CVE-2017-7825
CVE-2017-7814
CVE-2017-7824
CVE-2017-7823
...
CPE    1
cpe:/o:oracle:solaris:11

© SecPod Technologies