Published: 26/04/2019 Updated: 29/04/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

If WebRTC permission is requested from documents with data: or blob: URLs in Firefox prior to 66.0, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox

Several security issues were fixed in Firefox ...

USN-3918-1 caused a regression in Firefox ...

Several security issues were fixed in Firefox ...

USN-3918-1 caused a regression in Firefox ...

Mozilla Foundation Security Advisory 2019-07 Security vulnerabilities fixed in Firefox 66 Announced March 19, 2019 Impact critical Products Firefox Fixed in Firefox 66 ...

If WebRTC permission is requested from documents with data: or blob: URLs in Firefox before 660, the permission notifications do not properly display the originating domain The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission ...

CWE-346 https://www.mozilla.org/security/advisories/mfsa2019-07/https://bugzilla.mozilla.org/show_bug.cgi?id=1434634 https://nvd.nist.gov https://usn.ubuntu.com/3918-1/https://security.archlinux.org/CVE-2019-9808

CVE-2019-9808

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect