Vulnerability CVE-2018-12381: Information
Description
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.mozilla.org/security/advisories/mfsa2018-21/ |
|
https://www.mozilla.org/security/advisories/mfsa2018-20/ |
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1435319 |
|
1041610 |
|
105280 |
|
GLSA-201810-01 |
|