CVE-2018-18496

Priority
Description
When the RSS Feed preview about:feeds page is framed within another page,
it can be used in concert with scripted content for a clickjacking attack
that confuses users into downloading and executing an executable file from
a temporary directory. *Note: This issue only affects Windows operating
systems. Other operating systems are not affected.*. This vulnerability
affects Firefox < 64.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (64.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [Windows only])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (Windows only)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (Windows only)
More Information

Updated: 2020-03-18 22:51:55 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)