Vulnerability CVE-2016-5288: Information

Description

Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox < 49.0.2.

Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-5288
Published: June 12, 2018
Modified: July 30, 2018
Error type identifier: CWE-200

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus49.0.2-alt1127.0-alt1ALT-PU-2016-2152-1171223Fixed
firefoxp1049.0.2-alt1118.0.2-alt0.p10.1ALT-PU-2016-2152-1171223Fixed
firefoxp949.0.2-alt1105.0.1-alt0.c9.1ALT-PU-2016-2152-1171223Fixed
firefoxp849.0.2-alt0.M80P.168.0.1-alt0.M80P.1ALT-PU-2016-2166-1171275Fixed
firefoxc10f149.0.2-alt1112.0.2-alt0.p10.1ALT-PU-2016-2152-1171223Fixed
firefoxc9f249.0.2-alt1105.0.1-alt0.c9.1ALT-PU-2016-2152-1171223Fixed
firefoxc752.5.3-alt0.M70C.160.8.0-alt0.M70C.1ALT-PU-2018-1225-1200642Fixed
firefoxp1149.0.2-alt1126.0.1-alt1ALT-PU-2016-2152-1171223Fixed
firefox-esrsisyphus52.1.1-alt1115.11.0-alt1ALT-PU-2017-1578-1182570Fixed
firefox-esrp1052.1.1-alt1115.11.0-alt1ALT-PU-2017-1578-1182570Fixed
firefox-esrp952.1.1-alt1102.11.0-alt0.c9.1ALT-PU-2017-1578-1182570Fixed
firefox-esrp852.3.0-alt0.M80P.168.4.1-alt0.M80P.1ALT-PU-2017-2230-1188380Fixed
firefox-esrc10f152.1.1-alt1115.9.1-alt0.c10.1ALT-PU-2017-1578-1182570Fixed
firefox-esrc9f252.1.1-alt1102.12.0-alt0.c9.1ALT-PU-2017-1578-1182570Fixed
firefox-esrp1152.1.1-alt1115.11.0-alt1ALT-PU-2017-1578-1182570Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.mozilla.org/security/advisories/mfsa2016-87/
  • Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1310183
  • Issue Tracking
  • Vendor Advisory
1037077
  • Third Party Advisory
  • VDB Entry
93810
  • Third Party Advisory
  • VDB Entry

    1. Configuration 1

      cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
      End excliding
      49.0.2
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top