CVE-2016-2829

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Access Control Error

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2016-2815, CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2825, CVE-2016-2828, CVE-2016-2831, CVE-2016-2832, CVE-2016-2833, CVE-2016-2834

Published on 13/06/16 - Updated on 20/06/16

Description

Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.

Category: Access Control Error

CWE-284 (Improper Access Control)
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Security Notices

US National Vulnerability DatabaseCVE-2016-2829
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-193
Arch Linux ASA-201606-7
Mozilla MFSA2016-57
Ubuntu USN-2993-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
canonicalubuntu_linux
mozillafirefox
novellleap
novellopensuse

Share this vulnerability with:

Twitter Facebook LinkedIn Mail