← Zuruck zu CVEs
CVE-2017-5451
N/ABeschreibung
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht6/11/2018
Zuletzt geandert11/25/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mozilla:firefoxmozilla:thunderbirdredhat:enterprise_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_eusredhat:enterprise_linux_workstation
Schwachen (CWE)
CWE-20
Referenzen
http://www.securityfocus.com/bid/97940(security@mozilla.org)
http://www.securitytracker.com/id/1038320(security@mozilla.org)
https://access.redhat.com/errata/RHSA-2017:1106(security@mozilla.org)
https://access.redhat.com/errata/RHSA-2017:1201(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=1273537(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-10/(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-12/(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2017-13/(security@mozilla.org)
http://www.securityfocus.com/bid/97940(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1038320(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:1106(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:1201(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=1273537(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-10/(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-12/(af854a3a-2127-422b-91ae-364da2661108)
https://www.mozilla.org/security/advisories/mfsa2017-13/(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.