Showing 1 - 3 of 3

CVE-2016-2830

Status Candidate

Overview

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.

Related Files

Ubuntu Security Notice USN-3044-1: Posted Aug 5, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3044-1 - Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or obtain sensitive information. Toni Huttunen discovered that once a favicon is requested from a site, the remote server can keep the network connection open even after the page is closed. A remote attacker could potentially exploit this to track users, resulting in information disclosure. Various other issues were also addressed.; tags | advisory, remote, denial of service, info disclosure; systems | linux, ubuntu; advisories | CVE-2016-0718, CVE-2016-2830, CVE-2016-2835, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-2839, CVE-2016-5250, CVE-2016-5251, CVE-2016-5252, CVE-2016-5254, CVE-2016-5255, CVE-2016-5258, CVE-2016-5259, CVE-2016-5260, CVE-2016-5261, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-5266, CVE-2016-5268; SHA-256 | 107aea46d43767c24d152b35ee26b6d29d2d088ed48f4b1e3d272428623578a4; Download | Favorite | View

Debian Security Advisory 3640-1: Posted Aug 3, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3640-1 - Multiple security issues have been found in the Mozilla Firefox web implementation errors may lead to the execution of arbitrary code, cross-site scripting, information disclosure and bypass of the same-origin policy.; tags | advisory, web, arbitrary, xss, info disclosure; systems | linux, debian; advisories | CVE-2016-2830, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-5252, CVE-2016-5254, CVE-2016-5258, CVE-2016-5259, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265; SHA-256 | d50f0b7ced5758fed27b5a39d77098277d67f6d245b007ad7cb534c225d478e3; Download | Favorite | View

Red Hat Security Advisory 2016-1551-01: Posted Aug 3, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-1551-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.3.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.; tags | advisory, web, arbitrary; systems | linux, redhat; advisories | CVE-2016-2830, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-5252, CVE-2016-5254, CVE-2016-5258, CVE-2016-5259, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265; SHA-256 | eb54700b10a737b6e621e43694174726db913f210ed8f3d9d8f578e2fe5e7b8c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 305 files
Ubuntu 67 files
Debian 23 files
Gentoo 8 files
LiquidWorm 6 files
Apple 5 files
Google Security Research 5 files
Spencer McIntyre 3 files
Ivan Fratric 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2016-2830

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems