Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox和Thunderbird 权限许可和访问控制漏洞
Vulnerability Description
Mozilla Firefox和Thunderbird都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器。Thunderbird是从Mozilla Application Suite中独立出来的一套电子邮件客户端软件。 Mozilla Firefox 30.0及之前版本和Thunderbird 24.7及之前版本中存在安全漏洞,该漏洞源于程序没有实现IFRAME元素的沙箱属性。远程攻击者可通过一个与重定向结合的网站利用该漏洞绕过同源内容的访问限制。
CVSS Information
N/A
Vulnerability Type
N/A