CVE-2016-5251
published 2016-08-05CVE-2016-5251: Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
PriorityP418medium4.3CVSS 3.0
AVNACLPRNUIRSUCNILAN
EPSS
1.47%
70.7th percentile
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 48.0-1 (sid) | firefox 48.0-1 (sid) |
| debian | firefox-esr | < firefox 48.0-1 (sid) | firefox 48.0-1 (sid) |
| glance_project | glance | >= 0 < 1:2014.1.5-0ubuntu1.1 | 1:2014.1.5-0ubuntu1.1 |
| mozilla | firefox | <= 47.0.1 | — |
| mozilla | firefox | >= 0 < 48.0+build2-0ubuntu0.14.04.1 | 48.0+build2-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 48.0+build2-0ubuntu0.16.04.1 | 48.0+build2-0ubuntu0.16.04.1 |
CVSS provenance
nvdv3.04.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv9.8CRITICAL
vendor_ubuntu9.8CRITICAL
vendor_debian4.3MEDIUM
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2016-08-05·CVSS 9.8
CVE-2016-0718 [CRITICAL] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Gustavo Grieco discovered an out-of-bounds read during XML parsing in
some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or obtain sensitive information.
(CVE-2016-0718)
Toni Huttunen discovered that once a favicon is requested from a site,
the remote server can keep the network connection open even after the page
is closed. A remote attacked could potentially exploit this to track
users, resulting in information disclosure. (CVE-2016-2830)
Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, Julian Seward,
Carsten Boo
Red Hat
Mozilla: Location bar spoofing via data URLs with malformed/invalid mediatypes (MFSA 2016-66)
vendor_redhat·2016-08-02·CVSS 4.3
CVE-2016-5251 [MEDIUM] Mozilla: Location bar spoofing via data URLs with malformed/invalid mediatypes (MFSA 2016-66)
Mozilla: Location bar spoofing via data URLs with malformed/invalid mediatypes (MFSA 2016-66)
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
Statement: This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5, 6 and 7.
Package: firefox (Red Hat Enterprise Linux 5) - Not affected
Package: thunderbird (Red Hat Enterprise Linux 5) - Not affected
Package: firefox (Red Hat Enterprise Linux 6) - Not affected
Package: thunderbird (Red Hat Enterprise Linux 6) - Not affected
Package: firefox (Red Hat Enterprise Linux 7) - Not affected
Package: thunderbird (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2016-5251: firefox - Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar vi...
vendor_debian·2016·CVSS 4.3
CVE-2016-5251 [MEDIUM] CVE-2016-5251: firefox - Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar vi...
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
Scope: local
sid: resolved (fixed in 48.0-1)
GHSA
GHSA-p834-7563-6j4f: Mozilla Firefox before 48
ghsa_unreviewed·2022-05-17
CVE-2016-5251 [MEDIUM] CWE-20 GHSA-p834-7563-6j4f: Mozilla Firefox before 48
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
OSV
glance vulnerabilities
osv·2017-10-11·CVSS 5.5
CVE-2015-5251 glance vulnerabilities
glance vulnerabilities
Hemanth Makkapati discovered that OpenStack Glance incorrectly handled
access restrictions. A remote authenticated user could use this issue to
change the status of images, contrary to access restrictions.
(CVE-2015-5251)
Mike Fedosin and Alexei Galkin discovered that OpenStack Glance incorrectly
handled the storage quota. A remote authenticated user could use this issue
to consume disk resources, leading to a denial of service. (CVE-2015-5286)
Erno Kuvaja discovered that OpenStack Glance incorrectly handled the
show_multiple_locations option. When show_multiple_locations is enabled,
a remote authenticated user could change an image status and upload new
image data. (CVE-2016-0757)
OSV
firefox vulnerabilities
osv·2016-08-05·CVSS 9.8
CVE-2016-0718 [CRITICAL] firefox vulnerabilities
firefox vulnerabilities
Gustavo Grieco discovered an out-of-bounds read during XML parsing in
some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or obtain sensitive information.
(CVE-2016-0718)
Toni Huttunen discovered that once a favicon is requested from a site,
the remote server can keep the network connection open even after the page
is closed. A remote attacked could potentially exploit this to track
users, resulting in information disclosure. (CVE-2016-2830)
Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, Julian Seward,
Carsten Book, Gary Kwong, Jesse Ruderman, Andrew McCreight, and Phil
Ringnalda discovered multiple memory safety issues in
OSV
CVE-2016-5251: Mozilla Firefox before 48
osv·2016-08-03·CVSS 4.3
CVE-2016-5251 [MEDIUM] CVE-2016-5251: Mozilla Firefox before 48
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.htmlhttp://www.mozilla.org/security/announce/2016/mfsa2016-66.htmlhttp://www.securityfocus.com/bid/92260http://www.securitytracker.com/id/1036508http://www.ubuntu.com/usn/USN-3044-1https://bugzilla.mozilla.org/show_bug.cgi?id=1255570https://security.gentoo.org/glsa/201701-15http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.htmlhttp://www.mozilla.org/security/announce/2016/mfsa2016-66.htmlhttp://www.securityfocus.com/bid/92260http://www.securitytracker.com/id/1036508http://www.ubuntu.com/usn/USN-3044-1https://bugzilla.mozilla.org/show_bug.cgi?id=1255570https://security.gentoo.org/glsa/201701-15
2016-08-05
Published