CVE-2016-2820
published 2016-04-30CVE-2016-2820: The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes…
PriorityP420medium4.3CVSS 3.0
AVNACLPRNUIRSUCNILAN
EPSS
1.41%
69.4th percentile
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 46.0-1 (sid) | firefox 46.0-1 (sid) |
| debian | firefox-esr | < firefox 46.0-1 (sid) | firefox 46.0-1 (sid) |
| mozilla | firefox | <= 45.0.2 | — |
| mozilla | firefox | >= 0 < 46.0+build5-0ubuntu0.14.04.2 | 46.0+build5-0ubuntu0.14.04.2 |
| mozilla | firefox | >= 0 < 46.0.1+build1-0ubuntu0.14.04.3 | 46.0.1+build1-0ubuntu0.14.04.3 |
| mozilla | firefox | >= 0 < 46.0+build5-0ubuntu0.16.04.2 | 46.0+build5-0ubuntu0.16.04.2 |
| mozilla | firefox | >= 0 < 46.0.1+build1-0ubuntu0.16.04.2 | 46.0.1+build1-0ubuntu0.16.04.2 |
CVSS provenance
nvdv3.04.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv8.8HIGH
vendor_ubuntu8.8HIGH
vendor_debian4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Firefox regression
vendor_ubuntu·2016-05-19·CVSS 8.8
[HIGH] Firefox regression
Title: Firefox regression
Summary: USN-2936-1 introduced a regression in Firefox.
USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue
where a device update POST request was sent every time about:preferences#sync
was shown. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman,
Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup,
Andrew McCreight, and Steve Fink discovered multiple memory safety issues
in Firefox. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invok
Ubuntu
Oxygen-GTK3 update
vendor_ubuntu·2016-05-02·CVSS 8.8
[HIGH] Oxygen-GTK3 update
Title: Oxygen-GTK3 update
Summary: USN-2936-1 caused Firefox to crash on startup with the Oxygen GTK theme
USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to
crash on startup with the Oxygen GTK theme due to a pre-existing bug in
the Oxygen-GTK3 theme engine. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman,
Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup,
Andrew McCreight, and Steve Fink discovered multiple memory safety issues
in Firefox. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary co
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2016-04-27·CVSS 8.8
CVE-2016-2804 [HIGH] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman,
Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup,
Andrew McCreight, and Steve Fink discovered multiple memory safety issues
in Firefox. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2016-2804, CVE-2016-2806,
CVE-2016-2807)
An invalid write was discovered when using the JavaScript .watch() method in
some circumstances. If a user were tricked in to opening a specially
Red Hat
Mozilla: Firefox Health Reports could accept events from untrusted domains (MFSA 2016-48)
vendor_redhat·2016-04-26·CVSS 4.3
CVE-2016-2820 [MEDIUM] Mozilla: Firefox Health Reports could accept events from untrusted domains (MFSA 2016-48)
Mozilla: Firefox Health Reports could accept events from untrusted domains (MFSA 2016-48)
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
Package: firefox (Red Hat Enterprise Linux 5) - Not affected
Package: firefox (Red Hat Enterprise Linux 6) - Not affected
Package: firefox (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2016-2820: firefox - The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Fi...
vendor_debian·2016·CVSS 4.3
CVE-2016-2820 [MEDIUM] CVE-2016-2820: firefox - The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Fi...
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
Scope: local
sid: resolved (fixed in 46.0-1)
GHSA
GHSA-9f9w-vwq3-c9fh: The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46
ghsa_unreviewed·2022-05-17
CVE-2016-2820 [MEDIUM] CWE-284 GHSA-9f9w-vwq3-c9fh: The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
OSV
firefox regression
osv·2016-05-19·CVSS 8.8
[HIGH] firefox regression
firefox regression
USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue
where a device update POST request was sent every time about:preferences#sync
was shown. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman,
Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup,
Andrew McCreight, and Steve Fink discovered multiple memory safety issues
in Firefox. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2016-2804, CVE-2016-2806,
CVE-2016-2807)
An i
OSV
firefox vulnerabilities
osv·2016-04-27·CVSS 8.8
[HIGH] firefox vulnerabilities
firefox vulnerabilities
Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman,
Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup,
Andrew McCreight, and Steve Fink discovered multiple memory safety issues
in Firefox. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2016-2804, CVE-2016-2806,
CVE-2016-2807)
An invalid write was discovered when using the JavaScript .watch() method in
some circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash,
OSV
CVE-2016-2820: The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46
osv·2016-04-27·CVSS 4.3
CVE-2016-2820 [MEDIUM] CVE-2016-2820: The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.htmlhttp://lists.opensuse.org/opensuse-updates/2016-05/msg00038.htmlhttp://www.mozilla.org/security/announce/2016/mfsa2016-48.htmlhttp://www.securitytracker.com/id/1035692http://www.ubuntu.com/usn/USN-2936-1http://www.ubuntu.com/usn/USN-2936-2http://www.ubuntu.com/usn/USN-2936-3https://bugzilla.mozilla.org/show_bug.cgi?id=870870https://security.gentoo.org/glsa/201701-15http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.htmlhttp://lists.opensuse.org/opensuse-updates/2016-05/msg00038.htmlhttp://www.mozilla.org/security/announce/2016/mfsa2016-48.htmlhttp://www.securitytracker.com/id/1035692http://www.ubuntu.com/usn/USN-2936-1http://www.ubuntu.com/usn/USN-2936-2http://www.ubuntu.com/usn/USN-2936-3https://bugzilla.mozilla.org/show_bug.cgi?id=870870https://security.gentoo.org/glsa/201701-15
2016-04-30
Published