4 matches found
SUSE CVE-2015-7195
The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect...
openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss / etc (openSUSE-2015-718)
Mozilla Firefox was updated to version 42.0, fixing bugs and security issues. Mozilla xulrunner was updated to xulrunner 38.4.0. SeaMonkey was updated to 2.39. New features in Mozilla Firefox : - Private Browsing with Tracking Protection blocks certain Web elements that could be used to record yo...
CVE-2015-7195
The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect...
CVE-2015-7195
CVE-2015-7195 affects Mozilla Firefox (and Firefox ESR per related advisories) where the URL parsing in Location headers fails to properly recognize certain escaped characters in hostnames. This leads to the parsing being abandoned when an escaped character is encountered, potentially enabling an...