PT-2019-4863 · Mozilla+2 · Firefox+2

Abdulrahman Alqabandi

Publicado

2019-12-03

Atualizado

2024-12-12

CVE-2019-17014

CVSS v3.1

7.4

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 71

Description The issue is related to a cross-origin information leak that can occur when an image fails to load correctly, allowing it to be dragged and dropped cross-domain. This can potentially enable a remote attacker to access confidential data.

Recommendations For versions prior to 71, update to version 71 or later to resolve the issue.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863CWE-829

Identificadores relacionados

ALT-PU-2019-3239

ALT-PU-2020-1617

ALT-PU-2020-2408

ALT-PU-2020-2933

ALT-PU-2021-1368

BDU:2020-01449

CVE-2019-17014

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

USN-4216-1

USN-4216-2

Produtos afetados

Alt Linux

Firefox

Ubuntu

PT-2019-4863 · Mozilla+2 · Firefox+2

CVE-2019-17014

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1888