FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

palemoon -- multiple vulnerabilities

Affected packages
palemoon < 27.6.2

Details

VuXML ID 6056bf68-f570-4e70-b740-b9f606971283
Discovery 2017-11-14
Entry 2017-11-28

Pale Moon reports:

CVE-2017-7832: Domain spoofing through use of dotless 'i' character followed by accent markers

CVE-2017-7835: Mixed content blocking incorrectly applies with redirects

CVE-2017-7840: Exported bookmarks do not strip script elements from user-supplied tags

References

CVE Name CVE-2017-7832
CVE Name CVE-2017-7835
CVE Name CVE-2017-7840