The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox prior to 49.0 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |