Oracle Solaris 11: CVE-2017-7823: Vulnerability in Firefox, Thunderbird
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||November 29, 2017||November 29, 2017||January 16, 2018|
The content security policy (CSP) sandbox directive did not create a unique origin for the document, causing it to behave as if the allow-same-origin keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
- Gentoo Linux: CVE-2017-7823: Mozilla Firefox: Multiple vulnerabilities
- MFSA2017-22 Firefox: Security vulnerabilities fixed in Firefox ESR 52.4 (CVE-2017-7823)
- Alpine Linux: CVE-2017-7823: firefox-esr Multiple vulnerabilities
- MFSA2017-23 Thunderbird: Security vulnerabilities fixed in Thunderbird 52.4 (CVE-2017-7823)