It exists that Thunderbird allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. (CVE-2018-18506)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla firefox esr |
||
mozilla thunderbird |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux eus 8.1 |
||
redhat enterprise linux eus 8.2 |
||
redhat enterprise linux eus 8.4 |
||
redhat enterprise linux server aus 8.2 |
||
redhat enterprise linux server aus 8.4 |
||
redhat enterprise linux server tus 8.2 |
||
redhat enterprise linux server tus 8.4 |