Published: 11/06/2018 Updated: 01/08/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8 | Impact Score: 5.9 | Exploitability Score: 2.1

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox < 50.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections This vulnerability affects Firefox < 50 ...

Mozilla Foundation Security Advisory 2016-89 Security vulnerabilities fixed in Firefox 50 Announced November 15, 2016 Impact critical Products Firefox Fixed in Firefox 50 ...

A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections ...

CWE-264 https://www.mozilla.org/security/advisories/mfsa2016-89/https://bugzilla.mozilla.org/show_bug.cgi?id=1281071 http://www.securitytracker.com/id/1037298 http://www.securityfocus.com/bid/94337 https://nvd.nist.gov https://usn.ubuntu.com/3124-1/

CVE-2016-9070

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect