Executive Summary

Informations
NameCVE-2019-11737First vendor Publication2019-09-27
VendorCveLast vendor Modification2019-10-02

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11737

CWE : Common Weakness Enumeration

%idName
100 %CWE-345Insufficient Verification of Data Authenticity

CPE : Common Platform Enumeration

TypeDescriptionCount
Application420

Sources (Detail)

SourceUrl
CONFIRM https://www.mozilla.org/security/advisories/mfsa2019-25/
MISC https://bugzilla.mozilla.org/show_bug.cgi?id=1388015

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-10-02 17:18:49
  • Multiple Updates
2019-09-28 12:10:54
  • First insertion