Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2015-2711

Published: 13 May 2015

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component.

Priority

Low

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian 		upstream
Released (38.0)
precise
Released (38.0+build3-0ubuntu0.12.04.1)
trusty Does not exist
(trusty was released [38.0+build3-0ubuntu0.14.04.1])
utopic
Released (38.0+build3-0ubuntu0.14.10.1)
vivid
Released (38.0+build3-0ubuntu0.15.04.1)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading