CVE-2016-9078 - Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "dat

CVE-2016-9078

Summary

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.

References

Vulnerable Configurations

cpe:2.3:a:mozilla:firefox:49.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:49.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:50.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:50.0:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 01-08-2018 - 13:53)
Impact:
Exploitability:

CWE

CWE-601

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	94569
confirm	https://bugzilla.mozilla.org/show_bug.cgi?id=1317641 https://www.mozilla.org/security/advisories/mfsa2016-91/
sectrack	1037353

Last major update

01-08-2018 - 13:53

Published

11-06-2018 - 21:29

Last modified

01-08-2018 - 13:53