Home

CVE-2016-9078

Description

Redirection from an HTTP connection to a data: URL assigns the referring sites origin to the data: URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.176

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-9078 are fixed in Mozilla Firefox For Mac 50.0.1Mac
Vulnerabilities CVE-2016-9078 are affected in Mozilla Firefox for Mac 49.0Mac
Vulnerabilities CVE-2016-9078 are affected in Mozilla Firefox for Mac 50.0Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611870Mozilla Firefox For Mac (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234