Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2018-18494 Back to search

Gentoo Linux: CVE-2018-18494: Mozilla Firefox: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 28, 2019

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

Alpine Linux: CVE-2018-18494: firefox-esr Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: February 28, 2019

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

Oracle Solaris 11: CVE-2018-18494: Vulnerability in Firefox Vulnerability

  • Severity: 4
  • Published: February 20, 2019

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

MFSA2018-31 Thunderbird: Security vulnerabilities fixed in Thunderbird 60.4 (CVE-2018-18494) Vulnerability

  • Severity: 4
  • Published: December 21, 2018

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

Red Hat: CVE-2018-18494: Critical: firefox security update (Multiple Advisories) Vulnerability

  • Severity: 4
  • Published: December 17, 2018

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

Ubuntu: (Multiple Advisories) (CVE-2018-18494): Thunderbird vulnerabilities Vulnerability

  • Severity: 4
  • Published: December 11, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3868-1:

Multiple security issues were discovered in Thunderbird. If a user were

tricked in to opening a specially crafted website in a brow...

SUSE: CVE-2018-18494: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 11, 2018

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

Oracle Linux: (CVE-2018-18494) (Multiple Advisories): thunderbird security update Vulnerability

  • Severity: 4
  • Published: December 11, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From ELSA-2019-0159:

[60.4.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [60.4.0-1] - Update to 60.4.0 [60...

MFSA2018-30 Firefox: Security vulnerabilities fixed in Firefox ESR 60.4 (CVE-2018-18494) Vulnerability

  • Severity: 4
  • Published: December 11, 2018

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...

MFSA2018-29 Firefox: Security vulnerabilities fixed in Firefox 64 (CVE-2018-18494) Vulnerability

  • Severity: 4
  • Published: December 11, 2018

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, an...