CVE-2016-5282 (retired)

Priority
Description
Mozilla Firefox before 49.0 does not properly restrict the scheme in
favicon requests, which might allow remote attackers to obtain sensitive
information via unspecified vectors, as demonstrated by a jar: URL for a
favicon resource.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (49.0)
Ubuntu 16.04 LTS (Xenial Xerus):released (49.0+build4-0ubuntu0.16.04.1)
Package
Priority: Low
Upstream:not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-10-09 07:56:49 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)