Lucene search
Veracode Vulnerability DatabaseVERACODE:27139HistorySep 21, 2020 - 6:38 a.m.
Arbitrary Code Execution
2020-09-2106:38:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
firefox
vulnerability
arbitrary code execution
srcdoc
iframe
sandbox
csp
software
EPSS
0.005
Percentile
76.7%
firefox is vulnerable to arbitrary code execution. The vulnerability exists as the srcdoc content with an iframe has a sandbox attribute, fails to inherit the containing page’s Content Security Policy (CSP) as it should unless the sandbox attribute included allow-same-origin.
Related
cve
cve
CVE-2017-7788
2018-06-11 21:29:09
redhatcve
redhatcve
CVE-2017-7788
2017-08-09 01:50:34
cvelist
cvelist
CVE-2017-7788
2018-06-11 21:00:00
debiancve
debiancve
CVE-2017-7788
2018-06-11 21:29:09
nvd
nvd
CVE-2017-7788
2018-06-11 21:29:09
prion
prion
Spoofing
2018-06-11 21:29:00
ubuntucve
ubuntucve
CVE-2017-7788
2017-08-10 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3391-1)
2017-08-16 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Ubufox update (USN-3391-2)
2017-08-17 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3391-3)
2017-08-18 00:00:00
ubuntu
ubuntu
Firefox regression
2017-08-17 00:00:00
Ubufox update
2017-08-16 00:00:00
Firefox vulnerabilities
2017-08-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3391-2)
2017-08-17 00:00:00
Ubuntu: Security Advisory (USN-3391-3)
2017-08-18 00:00:00
Mozilla Firefox Security Advisories (MFSA2017-18, MFSA2017-19) - Mac OS X
2017-08-10 00:00:00
archlinux
archlinux
[ASA-201708-3] firefox: multiple issues
2017-08-10 00:00:00
kaspersky
kaspersky
KLA11082 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2017-08-08 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 55 — Mozilla
2017-08-08 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-08-08 00:00:00
osv
osv
MozillaFirefox-92.0-1.2 on GA media
2024-06-15 00:00:00