Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2016-5298

Published: 11 June 2018

A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 50.

Notes

AuthorNote
sbeattie
firefox for android only

Priority

Medium

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package Release Status
thunderbird
Launchpad, Ubuntu, Debian
xenial Not vulnerable
(android only)
upstream Not vulnerable
(android only)
precise Not vulnerable
(android only)
trusty Does not exist
(trusty was not-affected [android only])
yakkety Not vulnerable
(android only)
firefox
Launchpad, Ubuntu, Debian
upstream
Released (50)
precise Not vulnerable
(android only)
trusty Does not exist
(trusty was not-affected [android only])
xenial Not vulnerable
(android only)
yakkety Not vulnerable
(android only)

Severity score breakdown

Parameter Value
Base score 6.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality None
Integrity impact High
Availability impact None
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N