KLA10909
Security vulnerabilitity in Mozilla Firefox
Updated: 11/15/2018
CVSS
?
7.5
Detect date
?
11/28/2016
Severity
?
Critical
Description

An unspecified vulnerability was found in Mozilla Firefox 49 and 50. It can be exploited to gain priveleges.


Technical details

Redirection from HTTP connection to a data:URL assigns the referring of site origin to the data: URL in some cases. Because of that same-origin violations against a domain in case it loads resources from malicious sites might occur.

NB: This vulnerability have no public CVSS rating so rating can be changed by the time.

NB: At this moment Mozilla just reserved CVE numbers for this vulnerability. Information can be changed soon.

Affected products

Mozilla Firefox earlier than 50.0.1

Solution

Update to the latest version
Download Mozilla Firefox

Original advisories

Mozilla Foundation Security Advisory 2016-91

Impacts
?
PE 
[?]
Related products
Mozilla Firefox
CVE-IDS
?

CVE-2016-9078