First published: Tue Mar 07 2017(Updated: )
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure.
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Thunderbird | <45.8 | 45.8 |
Mozilla Firefox | <52 | 52 |
Mozilla Firefox ESR | <45.8 | 45.8 |
<45.8 | 45.8 | |
Mozilla Thunderbird | <52 | 52 |
Debian Debian Linux | =8.0 | |
Redhat Enterprise Linux | =5.0 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux Desktop | =5.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =5.0 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.3 | |
Redhat Enterprise Linux Server Aus | =7.4 | |
Redhat Enterprise Linux Server Eus | =7.3 | |
Redhat Enterprise Linux Server Eus | =7.4 | |
Redhat Enterprise Linux Server Eus | =7.5 | |
Redhat Enterprise Linux Workstation | =5.0 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Mozilla Firefox | <52.0 | |
Mozilla Firefox ESR | <45.8.0 | |
Mozilla Thunderbird | <45.8.0 | |
Mozilla Thunderbird | <52.0 | |
debian/firefox | 118.0.2-1 | |
debian/firefox-esr | 91.12.0esr-1~deb10u1 115.3.1esr-1~deb10u1 102.15.0esr-1~deb11u1 115.3.1esr-1~deb11u1 102.15.1esr-1~deb12u1 115.3.0esr-1~deb12u1 115.3.0esr-1 115.4.0esr-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)