When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox < 77.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
Plus: Zoom fixes code-execution security bugs Prepare to have your shonky password hygiene shamed by Firefox 76
Mozilla has emitted security updates for Firefox to address eight CVE-listed security flaws, five of them considered to be high-risk vulnerabilities. The patches, present in Firefox 77, should be downloaded and installed automatically for most users, so if you haven't closed out and relaunched your browser in a while, now might be a good time. Of the five high-risk flaws, three are confirmed to allow arbitrary code execution, which in the case of a web browser means that simply loading up a mali...