CVE-2002-2437 in FirefoxИнформация

Сводка

по MITRE

The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Резервировать

07.12.2011

Раскрытие

07.12.2011

Модерация

принято

Вход

VDB-59598

CPE

готов

CWE

CWE-264 (Подтверждённый)

CVSS

5.3 (VulDB)

EPSS

0.01333

KEV

Нет

Деятельности

Очень низкий

Сектор

Finance, Education, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-2437
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-2437
CVE Details	https://www.cvedetails.com/cve/CVE-2002-2437/

◂ Предыдущий Обзор Далее ▸

Do you know our Splunk app?

Download it now for free!