mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
78 lines
2.6 KiB
JSON
78 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "security@mozilla.org",
|
|
"ID": "CVE-2017-5417",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Firefox",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_value": "52"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Mozilla"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Addressbar spoofing by draging and dropping URLs"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=791597",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=791597"
|
|
},
|
|
{
|
|
"name": "https://www.mozilla.org/security/advisories/mfsa2017-05/",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.mozilla.org/security/advisories/mfsa2017-05/"
|
|
},
|
|
{
|
|
"name": "1037966",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://www.securitytracker.com/id/1037966"
|
|
},
|
|
{
|
|
"name": "96692",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/96692"
|
|
}
|
|
]
|
|
}
|
|
} |