Mozilla Firefox Address Bar Spoofing Vulnerability (CVE-2015-7185)
Mozilla Firefox Address Bar Spoofing Vulnerability (CVE-2015-7185)
Release date:
Updated on:
Affected Systems:
Mozilla Firefox <42.0
Mozilla Firefox ESR 38. x-38.4
Description:
CVE (CAN) ID: CVE-2015-7185
Mozilla Firefox is an open-source web browser that uses the Gecko engine.
On Android systems, Mozilla Firefox versions earlier than 42.0 do not ensure that the address is restored after full screen exit. Remote attackers can cheat the address bar by constructing JavaScript code.
<* Source: vendor
*>
Suggestion:
Vendor patch:
Mozilla
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.mozilla.org/security/announce/2015/mfsa2015-119.html
Https://bugzilla.mozilla.org/show_bug.cgi? Id = 1149000
Manually install Firefox Flash plug-in Ubuntu 14.04
Replacement of Firefox in Ubuntu
Use apt-get to install FireFox and ThunderBird In Debian Linux
Stable Firefox 29 version released-how to install
Mozilla Firefox 31.0 official release and download
Firefox details: click here
Firefox: click here
This article permanently updates the link address: