Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/#CVE-2017-5408 Acknowledgements: Name: the Mozilla project Upstream: Eric Lawrence of Chrome Security
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:0461 https://rhn.redhat.com/errata/RHSA-2017-0461.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2017:0459 https://rhn.redhat.com/errata/RHSA-2017-0459.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:0498 https://rhn.redhat.com/errata/RHSA-2017-0498.html