SecuritySpace - CVE-2018-12391

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2018-12391

Description: During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-12391
BugTraq ID: 105718
http://www.securityfocus.com/bid/105718
BugTraq ID: 105769
http://www.securityfocus.com/bid/105769
https://security.gentoo.org/glsa/201811-13
http://www.securitytracker.com/id/1041944

CVE ID:	CVE-2018-12391
Description:	During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2018-12391 BugTraq ID: 105718 http://www.securityfocus.com/bid/105718 BugTraq ID: 105769 http://www.securityfocus.com/bid/105769 https://security.gentoo.org/glsa/201811-13 http://www.securitytracker.com/id/1041944