Mozilla Firefox Address Bar Spoofing Vulnerability (CVE-2015-7185)

Mozilla Firefox Address Bar Spoofing Vulnerability (CVE-2015-7185)
Mozilla Firefox Address Bar Spoofing Vulnerability (CVE-2015-7185)

Release date:
Updated on:

Affected Systems:

Mozilla Firefox <42.0
Mozilla Firefox ESR 38. x-38.4

Description:

CVE (CAN) ID: CVE-2015-7185

Mozilla Firefox is an open-source web browser that uses the Gecko engine.

On Android systems, Mozilla Firefox versions earlier than 42.0 do not ensure that the address is restored after full screen exit. Remote attackers can cheat the address bar by constructing JavaScript code.

<* Source: vendor
*>

Suggestion:

Vendor patch:

Mozilla
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.mozilla.org/security/announce/2015/mfsa2015-119.html
Https://bugzilla.mozilla.org/show_bug.cgi? Id = 1149000

Manually install Firefox Flash plug-in Ubuntu 14.04

Replacement of Firefox in Ubuntu

Use apt-get to install FireFox and ThunderBird In Debian Linux

Stable Firefox 29 version released-how to install

Mozilla Firefox 31.0 official release and download

Firefox details: click here
Firefox: click here

This article permanently updates the link address: