1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
PublicDateAtUSN: 2013-06-25
Candidate: CVE-2013-1698
PublicDate: 2013-06-25
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1698
http://www.mozilla.org/security/announce/2013/mfsa2013-60.html
http://www.ubuntu.com/usn/usn-1890-1
Description:
The getUserMedia permission implementation in Mozilla Firefox before 22.0
references the URL of a top-level document instead of the URL of a specific
page, which makes it easier for remote attackers to trick users into
permitting camera or microphone access via a crafted web site that uses
IFRAME elements.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to: chrisccoulson
Patches_firefox:
upstream_firefox: released (22.0)
lucid_firefox: ignored (reached end-of-life)
precise_firefox: released (22.0+build1-0ubuntu0.12.04.1)
quantal_firefox: released (22.0+build1-0ubuntu0.12.10.1)
raring_firefox: released (22.0+build1-0ubuntu0.13.04.1)
devel_firefox: not-affected (23.0~b2+build1-0ubuntu1)
|