Lucene search
Ubuntu.comUB:CVE-2011-2990HistoryAug 17, 2011 - 12:00 a.m.
CVE-2011-2990
2011-08-1700:00:00
ubuntu.com
ubuntu.com
12
0.003 Low
EPSS
Percentile
65.7%
The implementation of Content Security Policy (CSP) violation reports in
Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other
products does not remove proxy-authorization credentials from the listed
request headers, which allows attackers to obtain sensitive information by
reading a report, related to incorrect host resolution that occurs with
certain redirects.
Related
cvelist
cvelist
CVE-2011-2990
2011-08-18 18:00:00
prion
prion
Design/Logic Flaw
2011-08-18 18:55:00
cve
cve
CVE-2011-2990
2011-08-18 18:55:00
openvas
openvas
Mozilla Products Information Disclosure and Security Bypass Vulnerabilities (Windows)
2011-09-09 00:00:00
Mozilla Products Information Disclosure and Security Bypass Vulnerabilities - Windows
2011-09-09 00:00:00
Ubuntu Update for libvoikko USN-1192-3
2011-10-21 00:00:00
ubuntu
ubuntu
Mozvoikko update
2011-08-17 00:00:00
Libvoikko regression
2011-10-19 00:00:00
Firefox vulnerabilities
2011-08-17 00:00:00
nessus
nessus
Ubuntu 11.04 : mozvoikko update (USN-1192-2)
2011-08-18 00:00:00
Ubuntu 11.04 : libvoikko regression (USN-1192-3)
2011-10-20 00:00:00
Ubuntu 11.04 : firefox vulnerabilities (USN-1192-1)
2011-08-18 00:00:00
suse
suse
seamonkey: Update to Mozilla Seamonkey 2.3 (important)
2011-08-26 20:08:16
MozillaFirefox: Update to Firefox 6 (important)
2011-08-29 21:08:18
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2011-08-29 16:12:15
mozilla
mozilla
Security issues addressed in SeaMonkey 2.3 — Mozilla
2011-08-16 00:00:00
Security issues addressed in Firefox 6 — Mozilla
2011-08-16 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2011-08-16 00:00:00
securityvulns
securityvulns
Mozilla Fireox / Seamonkey / Thunderbird multiple security vulnerabilities
2011-08-19 00:00:00
seebug
seebug
Mozilla Firefox/Thunderbird/SeaMonkey多个安全漏洞
2011-08-18 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00