8 matches found
openSUSE Security Update : MozillaFirefox (openSUSE-2015-678)
MozillaFirefox was updated to version 41.0.2 to fix one security issue. This security issue was fixed : - CVE-2015-7184: Cross-origin restriction bypass using Fetch bsc950686. These non-security issues were fixed : - Fix a startup crash related to Yandex toolbar and Adblock Plus bmo1209124 - Fix...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to version 41.0.2 to fix one security issue. This security issue was fixed: - CVE-2015-7184: Cross-origin restriction bypass using Fetch bsc950686. These non-security issues were fixed: Fix a startup crash related to Yandex toolbar and Adblock Plus bmo1209124 Fix...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1817-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Firefox vulnerability (USN-2768-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2768-1 advisory. Abdulrahman Alqabandi and Ben Kelly discovered that the fetch API did not correctly implement the Cross Origin Resource Sharing CORS specification. If a user were...
CVE-2015-7184
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin...
CVE-2015-7184
CVE-2015-7184 affects Mozilla Firefox before 41.0.2, where the fetch() API implementation did not adequately restrict access to the HTTP response body in certain cases when credentials are used. The issue arises from an improper handling of the CORS cross-origin request algorithm, allowing a remo...
USN-2768-1: Firefox vulnerability
Abdulrahman Alqabandi and Ben Kelly discovered that the fetch API did not correctly implement the Cross Origin Resource Sharing CORS specification. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from oth...
Ubuntu: Security Advisory (USN-2768-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...