CVE-2016-9078
Ubuntu Security Notice USN-3140-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.
Redirección de una conexión HTTP a una URL "data:" asigna el origen del sitio de referencia a la URL "data:" en algunas circunstancias. Esto puede resultar en violaciones de Same-Origin contra un dominio si carga recursos de sitios maliciosos. La configuración Cross-Origin de las cookies se ha demosntrado sin la habilidad para leerlas. Nota: Este problema solo afecta a Firefox 49 y 50. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50.0.1.
It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. An attacker could potentially exploit this to bypass same-origin restrictions. A use-after-free was discovered in SVG animations. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-10-27 CVE Reserved
- 2016-12-01 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/94569 | Third Party Advisory | |
| http://www.securitytracker.com/id/1037353 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.mozilla.org/show_bug.cgi?id=1317641 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.mozilla.org/security/advisories/mfsa2016-91 | 2018-08-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 49.0 Search vendor "Mozilla" for product "Firefox" and version "49.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 50.0 Search vendor "Mozilla" for product "Firefox" and version "50.0" | - |
Affected
| ||||||