3 matches found
CVE-2018-5182
CVE-2018-5182 affects Mozilla Firefox before version 60, where dragging a text string that is a local filename into the address bar can cause that local file to be opened. This is a local-file access issue related to how file: URL-like strings are handled when dragged onto the address bar. Connec...
Mozilla Firefox < 60 Multiple Critical Vulnerabilities
The version of Mozilla Firefox installed on the remote Windows host is prior to 60. It is, therefore, affected by multiple critical and high severity vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid109869; scriptversion"1.7";...
CVE-2018-5182
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulnerability affects...