Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-0801

Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
DEBIAN: DSA-3211
REDHAT: RHSA-2015:0766
REDHAT: RHSA-2015:0771
UBUNTU: USN-2550-1
UBUNTU: USN-2552-1
SECTRACK: 1031996
SECTRACK: 1032000
DEBIAN: DSA-3212
SUSE: SUSE-SU-2015:0704
SUSE: openSUSE-SU-2015:0677
CONFIRM: http://www.oracle.com/...
GENTOO: GLSA-201512-10
SUSE: openSUSE-SU-2015:1266
SUSE: openSUSE-SU-2015:0892
BID: 73455

Launchpad.net

CVE 2015-0801

Related bugs

References