Closed
Bug 750432
Opened 12 years ago
Closed 11 years ago
SecReview: Add support for Server-Sent DOM Events (Remote Events)
Categories
(mozilla.org :: Security Assurance: Review Request, task, P5)
mozilla.org
Security Assurance: Review Request
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: curtisk, Assigned: posidron)
References
Details
(Whiteboard: [completed secreview][start mm/dd/yyyy][target mm/dd/yyyy][score:12::Low])
SecReview tracking bug Actions regarding the review of the dependent bug should be tracked here.
|
||
Updated•12 years ago
|
Assignee: choller → cdiehl
|
Reporter | |
Comment 1•12 years ago
|
||
Risk/Priority Ranking Exercise https://wiki.mozilla.org/Security/RiskRatings Priority: 1 (P5) - Age Operational: 0 - N/A User: 4 - Critical Privacy: 0 - N/A Engineering: 2 - Normal Reputational: 3 - Major Priority Score: 12
Severity: normal → major
Priority: -- → P5
Whiteboard: [pending secreview] → [pending secreview][start mm/dd/yyyy][target mm/dd/yyyy][score:12::Low]
|
Assignee | |
Comment 2•11 years ago
|
||
An updated version of the DOM SSE fuzzer has been pushed to the fuzzing repository. The fuzzer generates malformed events based on the BNF of the EventSource specification. The protocol feature set is very limited, so is the attack vector of the parser. Nothing was found, marking as complete.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Whiteboard: [pending secreview][start mm/dd/yyyy][target mm/dd/yyyy][score:12::Low] → [sec-review-complete][start mm/dd/yyyy][target mm/dd/yyyy][score:12::Low]
|
|
Reporter | |
Updated•11 years ago
|
Whiteboard: [sec-review-complete][start mm/dd/yyyy][target mm/dd/yyyy][score:12::Low] → [completed secreview][start mm/dd/yyyy][target mm/dd/yyyy][score:12::Low]
You need to log in
before you can comment on or make changes to this bug.
Description
•