CVE-2016-2830
Published 2016-08-05
Priority P4 · 17 · medium · CVSS 3.0 4.3 · AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS 1.46% (70.4th percentile)
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 48.0-1 (sid) | firefox 48.0-1 (sid) |
| debian | firefox-esr | < firefox 48.0-1 (sid) | firefox 48.0-1 (sid) |
| mozilla | firefox | <= 47.0.1 | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 0 < 48.0+build2-0ubuntu0.14.04.1 | 48.0+build2-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 48.0+build2-0ubuntu0.16.04.1 | 48.0+build2-0ubuntu0.16.04.1 |
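The affected ranges above mix two release lines that share major version numbers: the regular release channel (fixed in 48.0) and the 45 ESR channel (fixed in 45.3). The following is an added example, not code from Mozilla or from any of the data sources on this page, that turns the CVE's stated ranges into a check a practitioner can run over a host inventory. It assumes upstream Firefox version strings ("47.0.1", "45.2.0esr"); distribution package versions such as the Debian and Ubuntu strings in the table are not parsed, and the inventory list is constructed for illustration.

```python
from typing import List, Tuple


def parse_version(version: str) -> Tuple[Tuple[int, ...], bool]:
    """Split an upstream Firefox version string into (numeric parts, is_esr).

    Accepts strings such as "47.0.1", "48.0" or "45.2.0esr". Distro package
    versions ("48.0+build2-0ubuntu0.16.04.1") are out of scope and rejected.
    """
    v = version.strip().lower()
    esr = v.endswith("esr")
    if esr:
        v = v[:-3]
    try:
        parts = tuple(int(p) for p in v.split("."))
    except ValueError as exc:
        raise ValueError(f"unparseable Firefox version: {version!r}") from exc
    return parts, esr


def is_affected(version: str) -> bool:
    """True when the version lies inside the ranges named by CVE-2016-2830:
    release builds before 48.0, and ESR 45.x before 45.3.

    A release-channel 45.0 is affected (it is "before 48.0"), while an
    ESR 45.3.0 is not; the esr suffix is what distinguishes the two lines.
    ESR majors other than 45 are not named by the CVE text and are reported
    as not affected here rather than guessed at.
    """
    parts, esr = parse_version(version)
    if esr:
        return parts[0] == 45 and parts < (45, 3)
    # Tuple comparison: (47, 0, 1) < (48,) is True, (48, 0) < (48,) is False.
    return parts < (48,)


def affected_hosts(inventory: List[Tuple[str, str]]) -> List[str]:
    """Return the hostnames from (hostname, version) pairs still in range."""
    return [host for host, ver in inventory if is_affected(ver)]


# Constructed sample inventory; not real hosts.
SAMPLE_INVENTORY = [
    ("ws-01", "47.0.1"),
    ("ws-02", "48.0"),
    ("ws-03", "45.2.0esr"),
    ("ws-04", "45.3.0esr"),
    ("ws-05", "45.0"),
]

if __name__ == "__main__":
    print(affected_hosts(SAMPLE_INVENTORY))
```

The esr suffix is the only signal separating the two lines, so an inventory that strips it (some asset tools report "45.2.0") will misclassify ESR hosts; keep the raw version string.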
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 4.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| nvd | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
| osv | — | 9.8 | CRITICAL | — |
| vendor_ubuntu | — | 9.8 | CRITICAL | — |
| vendor_debian | — | 4.3 | MEDIUM | — |
| vendor_redhat | — | 4.3 | MEDIUM | — |
The 9.8 CRITICAL entries from osv and vendor_ubuntu are the score of the Ubuntu advisory (USN-3044-1) as a whole, whose lead item is the memory-safety bug CVE-2016-0718, as the Ubuntu and OSV entries below show. Scored on its own vector, this CVE is 4.3 MEDIUM: a user-interaction, unchanged-scope, low-confidentiality tracking issue.
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2016-08-05·CVSS 9.8
CVE-2016-0718 [CRITICAL] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Gustavo Grieco discovered an out-of-bounds read during XML parsing in
some circumstances. If a user were tricked into opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or obtain sensitive information.
(CVE-2016-0718)
Toni Huttunen discovered that once a favicon is requested from a site,
the remote server can keep the network connection open even after the page
is closed. A remote attacker could potentially exploit this to track
users, resulting in information disclosure. (CVE-2016-2830)
Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, Julian Seward,
Carsten Boo
Red Hat
Mozilla: Favicon network connection persists when page is closed (MFSA 2016-62)
vendor_redhat·2016-08-02·CVSS 4.3
CVE-2016-2830 [MEDIUM] Mozilla: Favicon network connection persists when page is closed (MFSA 2016-62)
Mozilla: Favicon network connection persists when page is closed (MFSA 2016-62)
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
Debian
CVE-2016-2830: firefox - Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the networ...
vendor_debian·2016·CVSS 4.3
CVE-2016-2830 [MEDIUM] CVE-2016-2830: firefox - Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the networ...
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
Scope: local
sid: resolved (fixed in 48.0-1)
GHSA
GHSA-wfq5-5w67-p795: Mozilla Firefox before 48
ghsa_unreviewed·2022-05-17
CVE-2016-2830 [MEDIUM] CWE-200 GHSA-wfq5-5w67-p795: Mozilla Firefox before 48
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
OSV
firefox vulnerabilities
osv·2016-08-05·CVSS 9.8
CVE-2016-0718 [CRITICAL] firefox vulnerabilities
firefox vulnerabilities
Gustavo Grieco discovered an out-of-bounds read during XML parsing in
some circumstances. If a user were tricked into opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or obtain sensitive information.
(CVE-2016-0718)
Toni Huttunen discovered that once a favicon is requested from a site,
the remote server can keep the network connection open even after the page
is closed. A remote attacker could potentially exploit this to track
users, resulting in information disclosure. (CVE-2016-2830)
Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, Julian Seward,
Carsten Book, Gary Kwong, Jesse Ruderman, Andrew McCreight, and Phil
Ringnalda discovered multiple memory safety issues in
OSV
CVE-2016-2830: Mozilla Firefox before 48
osv·2016-08-05·CVSS 4.3
CVE-2016-2830 [MEDIUM] CVE-2016-2830: Mozilla Firefox before 48
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
http://rhn.redhat.com/errata/RHSA-2016-1551.html
http://www.debian.org/security/2016/dsa-3640
http://www.mozilla.org/security/announce/2016/mfsa2016-63.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/92261
http://www.securitytracker.com/id/1036508
http://www.ubuntu.com/usn/USN-3044-1
https://bugzilla.mozilla.org/show_bug.cgi?id=1255270
https://security.gentoo.org/glsa/201701-15