Computer Security
[EN] securityvulns.ru no-pyccku


unity firefox extension crossorigin policy bypass
Published:17.12.2012
Source:
SecurityVulns ID:12785
Type:client
Threat Level:
5/10
Affected:UNITY : unity-firefox-extension 2.4
CVE:CVE-2012-0958 (content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage.)
Original documentdocumentUBUNTU, [USN-1665-1] unity-firefox-extension vulnerability (17.12.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod