PT-2025-9660 · Mozilla+11 · Firefox+11

Hafiizh

Publicado

2025-03-04

Atualizado

2025-07-22

CVE-2025-1935

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 136 Firefox ESR versions prior to 128.8

Description A web page could trick a user into setting that site as the default handler for a custom URL protocol.

Recommendations For Firefox versions prior to 136, update to version 136 or later. For Firefox ESR versions prior to 128.8, update to version 128.8 or later.

Correção

UI Misrepresentation of Critical Information

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-451CWE-79

Identificadores relacionados

ALSA-2025:2359

ALSA-2025:2452

ALT-PU-2025-3905

ALT-PU-2025-4001

ALT-PU-2025-4567

ALT-PU-2025-5829

ALT-PU-2025-7695

ALT-PU-2025-7697

BDU:2025-02602

CESA-2025_2452

CVE-2025-1935

DLA-4078-1

DLA-4081-1

DSA-5874-1

DSA-5876-1

INFSA-2025_2359

INFSA-2025_2452

MGASA-2025-0092

MGASA-2025-0093

OESA-2025-1265

OESA-2025-1266

OESA-2025-1267

OESA-2025-1268

OESA-2025-1835

OPENSUSE-SU-2025:14852-1

OPENSUSE-SU-2025:14853-1

OPENSUSE-SU-2025:14861-1

OPENSUSE-SU-2025:14958-1

OPENSUSE-SU-2025_0788-1

OPENSUSE-SU-2025_0849-1

RHSA-2025:2359

RHSA-2025:2452

RHSA-2025:2479

RHSA-2025:2480

RHSA-2025:2481

RHSA-2025:2484

RHSA-2025:2485

RHSA-2025:2486

RHSA-2025:2699

RHSA-2025:2708

RHSA-2025_2359

RHSA-2025_2452

SUSE-SU-2025:0783-1

SUSE-SU-2025:0788-1

SUSE-SU-2025:0849-1

SUSE-SU-2025_0783-1

USN-7334-1

USN-7663-1

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Firefox

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2025-9660 · Mozilla+11 · Firefox+11

CVE-2025-1935

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 416