[Forgot Password]
Login  Register Subscribe

26408

 
 

132812

 
 

151495

 
 

909

 
 

120991

 
 

163

Paid content will be excluded from the download.


Download | Alert*
OVAL

Download origin spoofing via redirect - CVE-2020-15677

ID: oval:org.secpod.oval:def:65686Date: (C)2020-09-23   (M)2020-10-19
Class: VULNERABILITYFamily: windows




Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from.

Platform:
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2012 R2
Microsoft Windows 10
Product:
Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Reference:
CVE-2020-15677
CVE    1
CVE-2020-15677

© SecPod Technologies