If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/101057 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039465 | Third Party Advisory VDB Entry |
https://bugzilla.mozilla.org/show_bug.cgi?id=1379842 | Exploit Issue Tracking |
https://www.mozilla.org/security/advisories/mfsa2017-21/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2018-06-11T21:00:00
Updated: 2018-06-12T09:57:01
Reserved: 2017-04-12T00:00:00
Link: CVE-2017-7812
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-06-11T21:29:10.437
Modified: 2018-06-25T19:19:30.070
Link: CVE-2017-7812
JSON object: View
Redhat Information
No data.
CWE