CVE-2016-9078 — Open Redirect in Mozilla Firefox

CWE-601 — Open Redirect6 documents5 sources

Severity

8.8HIGHNVD

EPSS

1.2%

top 21.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Debian Firefox Debian Firefox-esr

Timeline

PublishedJun 11

Latest updateMay 14

Description

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages5 packages

▶debiandebian/firefox< firefox 50.0.2-1 (sid)

▶CVEListV5mozilla/firefoxunspecified — 50.0.1

▶debiandebian/firefox-esr< firefox 50.0.2-1 (sid)

▶Ubuntumozilla/firefox< 50.0.2+build1-0ubuntu0.14.04.1+1

▶NVDmozilla/firefox49.0, 50.0+1

Patches

Patch: bugzilla.mozilla.org ↗Patch: bugzilla.mozilla.org ↗

🔴Vulnerability Details

GHSA

GHSA-97gg-j6v9-fvp7: Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances↗2022-05-14

▶

OSV

CVE-2016-9078: Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances↗2016-11-30

▶

OSV

firefox vulnerabilities↗2016-11-30

▶

📋Vendor Advisories

Ubuntu

Firefox vulnerabilities↗2016-11-30

▶

Debian

CVE-2016-9078: firefox - Redirection from an HTTP connection to a "data:" URL assigns the referring site'...↗2016

▶