CVE-2018-5164

Published: 11/06/2018 Updated: 02/08/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.

Vulnerable Products

mozilla firefox

canonical ubuntu linux 16.04

canonical ubuntu linux 17.10

canonical ubuntu linux 14.04

canonical ubuntu linux 18.04

Vendor Advisories

USN-3645-1 caused a regression in Firefox ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Mozilla Foundation Security Advisory 2018-11: Security vulnerabilities fixed in Firefox 60. Announced May 9, 2018. Impact: critical. Products: Firefox. Fixed in Firefox 60 ...
Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60 ...
A Content Security Policy (CSP) bypass has been found in Firefox < 60, where the CSP is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks ...

Github Repositories

This post describes how to bypass Content Security Policy against MIME confusion attacks on browsers.

Bypass CSP against MIME Confusion Attack. Major browsers have implemented Content Security Policy against MIME confusion attacks since 2018, reported by CVE-2018-5164 and CVE-2019-19916 (my report), which use polyglot image files (GIF, JPG) with embedded JavaScript code (as described here: blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firef