CVE-2016-2825
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
| Software | From | Fixed in |
|---|---|---|
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 15.10 | 15.10.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| opensuse / leap | 42.1 | 42.1.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| mozilla / firefox | - | 46.0.1.x |
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
- http://www.mozilla.org/security/announce/2016/mfsa2016-54.html
- http://www.securitytracker.com/id/1036057
- http://www.ubuntu.com/usn/USN-2993-1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193093
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime