Lucene search
MozillaCVELIST:CVE-2016-9902HistoryJun 11, 2018 - 9:00 p.m.
CVE-2016-9902
2018-06-1121:00:00
mozilla
www.cve.org
8
The Pocket toolbar button, once activated, listens for events fired from it’s own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
CNA Affected
[
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "45.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "50.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
rhn.redhat.com/errata/RHSA-2016-2946.html
rhn.redhat.com/errata/RHSA-2016-2973.html
www.securityfocus.com/bid/94885
www.securitytracker.com/id/1037461
bugzilla.mozilla.org/show_bug.cgi?id=1320039
security.gentoo.org/glsa/201701-15
www.mozilla.org/security/advisories/mfsa2016-94/
www.mozilla.org/security/advisories/mfsa2016-95/
Related
redhatcve
redhatcve
CVE-2016-9902
2016-12-14 04:47:46
veracode
veracode
Cross Origin Resource Sharing (CORS)
2019-05-02 05:51:35
ubuntucve
ubuntucve
CVE-2016-9902
2016-12-13 00:00:00
debiancve
debiancve
CVE-2016-9902
2018-06-11 21:29:02
nvd
nvd
CVE-2016-9902
2018-06-11 21:29:02
cve
cve
CVE-2016-9902
2018-06-11 21:29:02
prion
prion
Design/Logic Flaw
2018-06-11 21:29:00
alpinelinux
alpinelinux
CVE-2016-9902
2018-06-11 21:29:02
nessus
nessus
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20161221)
2016-12-21 00:00:00
CentOS 5 / 6 / 7 : thunderbird (CESA-2016:2973)
2016-12-21 00:00:00
RHEL 5 / 6 / 7 : thunderbird (RHSA-2016:2973)
2016-12-21 00:00:00
openvas
openvas
CentOS Update for thunderbird CESA-2016:2973 centos7
2016-12-22 00:00:00
RedHat Update for thunderbird RHSA-2016:2973-01
2016-12-22 00:00:00
CentOS Update for thunderbird CESA-2016:2973 centos5
2016-12-22 00:00:00
redhat
redhat
(RHSA-2016:2973) Important: thunderbird security update
2016-12-21 00:00:00
(RHSA-2016:2946) Critical: firefox security update
2016-12-14 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2016-12-21 00:00:00
firefox security update
2016-12-14 00:00:00
centos
centos
thunderbird security update
2016-12-21 13:43:24
firefox security update
2016-12-16 14:19:50
mageia
mageia
Updated firefox packages fix security vulnerabilities
2016-12-15 23:33:35
Updated iceape packages fix security vulnerabilities
2017-09-02 00:10:29
suse
suse
Security update for MozillaFirefox (important)
2016-12-22 02:08:43
Security update for MozillaFirefox (important)
2016-12-22 02:08:15
Security update for MozillaFirefox (important)
2016-12-21 20:08:23
kaspersky
kaspersky
KLA10913 Multiple vulnerabilities in Mozilla Firefox ESR
2016-12-13 00:00:00
KLA10912 Multiple vulnerabilities in Mozilla Firefox
2016-12-13 00:00:00
debian
debian
[SECURITY] [DLA 743-1] firefox-esr security update
2016-12-15 19:29:03
[SECURITY] [DSA 3734-1] firefox-esr security update
2016-12-14 15:26:33
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 45.6 — Mozilla
2016-12-13 00:00:00
Security vulnerabilities fixed in Firefox 50.1 — Mozilla
2016-12-13 00:00:00
osv
osv
firefox-esr - security update
2016-12-15 00:00:00
MozillaFirefox-50.1.0-1.1 on GA media
2024-06-15 00:00:00
ibm
ibm
freebsd
freebsd
mozilla -- multiple vulnerabilities
2016-12-13 00:00:00
archlinux
archlinux
[ASA-201612-15] firefox: multiple issues
2016-12-14 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2016-12-13 00:00:00
gentoo
gentoo
Mozilla Firefox, Thunderbird: Multiple vulnerabilities
2017-01-03 00:00:00