1
PublicDateAtUSN: 2017-11-15
2
Candidate: CVE-2017-7830
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7830
6
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/
7
https://usn.ubuntu.com/usn/usn-3477-1
8
https://usn.ubuntu.com/usn/usn-3490-1
10
The Resource Timing API incorrectly revealed navigations in cross-origin
11
iframes. This is a same-origin policy violation and could allow for data
12
theft of URLs loaded by users. This vulnerability affects Firefox < 57,
13
Firefox ESR < 52.5, and Thunderbird < 52.5.
19
Assigned-to: chrisccoulson
22
upstream_firefox: released (57.0)
23
precise/esm_firefox: DNE
24
trusty_firefox: released (57.0+build4-0ubuntu0.14.04.4)
25
xenial_firefox: released (57.0+build4-0ubuntu0.16.04.5)
26
zesty_firefox: released (57.0+build4-0ubuntu0.17.04.5)
27
artful_firefox: released (57.0+build4-0ubuntu0.17.10.5)
28
bionic_firefox: released (57.0.1+build2-0ubuntu1)
29
devel_firefox: released (57.0.1+build2-0ubuntu1)
32
Priority_thunderbird: low
33
upstream_thunderbird: released (52.5.0)
34
precise/esm_thunderbird: DNE
35
trusty_thunderbird: released (1:52.5.0+build1-0ubuntu0.14.04.1)
36
xenial_thunderbird: released (1:52.5.0+build1-0ubuntu0.16.04.1)
37
zesty_thunderbird: released (1:52.5.0+build1-0ubuntu0.14.04.1)
38
artful_thunderbird: released (1:52.5.0+build1-0ubuntu0.17.10.1)
39
bionic_thunderbird: released (1:52.6.0+build1-0ubuntu1)
40
devel_thunderbird: released (1:52.6.0+build1-0ubuntu1)