Lucene search
+L

38 matches found

cvelist
cvelist
added 2018/06/11 9:0 p.m.40 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.1AI score0.03933EPSS
Exploits0References12
cve
cve
added 2018/06/11 9:0 p.m.233 views

CVE-2017-5390

CVE-2017-5390 concerns the JSON viewer in Mozilla/Thunderbird Developer Tools that uses insecure methods to copy/view JSON or HTTP header data, enabling potential privilege escalation. Concrete details in connected docs show this affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox

9.8CVSS8.9AI score0.03933EPSS
Exploits0References12Affected Software1
debiancve
debiancve
added 2018/06/11 9:0 p.m.39 views

CVE-2018-5176

The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. Thi...

6.1CVSS8AI score0.01445EPSS
Exploits0
debiancve
debiancve
added 2018/06/11 9:0 p.m.38 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS9.8AI score0.03933EPSS
Exploits0
cve
cve
added 2018/06/11 9:0 p.m.136 views

CVE-2018-5176

The CVE-2018-5176 entry describes a JSON Viewer script-injection vulnerability in Mozilla Firefox where the JSON Viewer linkifies strings that parse as URLs, including javascript: links. This could allow a user to click a malicious link and potentially expose cookies or authorization tokens withi...

6.1CVSS6.3AI score0.01445EPSS
Exploits0References5Affected Software1
alpinelinux
alpinelinux
added 2018/06/11 9:0 p.m.47 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS9.3AI score0.03933EPSS
Exploits0
ubuntucve
ubuntucve
added 2018/05/11 12:0 a.m.22 views

CVE-2018-5176

The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. Thi...

6.1CVSS6.9AI score0.01445EPSS
Exploits0References3
osv
osv
added 2018/05/11 12:0 a.m.5 views

UBUNTU-CVE-2018-5176

The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. Thi...

6.1CVSS6.9AI score0.01445EPSS
Exploits0References4
osv
osv
added 2017/02/03 9:39 p.m.16 views

MGASA-2017-0039 Updated thunderbird packages fix security vulnerabilities

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. CVE-2017-5375 Use-after-free while manipulating XSL in XSLT documents. CVE-2017-5376 Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks...

9.8CVSS8.3AI score0.33199EPSS
Exploits15References4
redhat
redhat
added 2017/02/02 4:38 a.m.5 views

Mozilla: Insecure communication methods in Developer Tools JSON viewer (MFSA 2017-02)

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS7.3AI score0.03933EPSS
Exploits0References5
nessus
nessus
added 2017/01/31 12:0 a.m.230 views

Mozilla Firefox < 51 Multiple Vulnerabilities

Binary data 9927.prm...

9.8CVSS7.7AI score0.33199EPSS
Exploits24References26
nessus
nessus
added 2017/01/31 12:0 a.m.26 views

Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities

Binary data 9928.prm...

9.8CVSS7.7AI score0.33199EPSS
Exploits16References12
redhat
redhat
added 2017/01/25 9:31 a.m.7 views

Mozilla: Insecure communication methods in Developer Tools JSON viewer (MFSA 2017-02)

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS7.3AI score0.03933EPSS
Exploits0References5
redhatcve
redhatcve
added 2017/01/25 6:48 a.m.26 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS3.6AI score0.03933EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2017/01/25 12:0 a.m.29 views

CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS7.2AI score0.03933EPSS
Exploits0References5
osv
osv
added 2017/01/25 12:0 a.m.4 views

UBUNTU-CVE-2017-5390

The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS7.3AI score0.03933EPSS
Exploits0References6
nessus
nessus
added 2017/01/25 12:0 a.m.41 views

Mozilla Firefox ESR 45.x < 45.7 Multiple Vulnerabilities (macOS)

The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is 45.x prior to 45.7. It is, therefore, affected by the following vulnerabilities : - Mozilla developers and community members Christian Holler, Gary Kwong, Andre Bargull, Jan de Mooij, Tom Schuster, and Oriol...

9.8CVSS7AI score0.33199EPSS
Exploits16References29
mozilla
mozilla
added 2017/01/24 12:0 a.m.69 views

Security vulnerabilities fixed in Firefox 51 — Mozilla

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. Use-after-free while manipulating XSL in XSLT documents A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potential...

9.8CVSS9.7AI score0.33199EPSS
Exploits16References27Affected Software1
Rows per page
Query Builder