Jump to content

Mozilla patches critical Firefox flaw weeks after update


Batu69

Recommended Posts

The vulnerability, CVE-2016-9078, only affects Firefox 49 and 50 and was patched in version 50.0.1.

The vulnerability, CVE-2016-9078, only affects Firefox 49 and 50 and was patched in version 50.0.1.

 

Mozilla Monday released a security update to patch a critical flaw in Firefox which could allow an attacker to take control of the affected system.

The vulnerability, CVE-2016-9078, only affects Firefox 49 and 50 and was patched in version 50.0.1 and could allow a URL to inherit the wrong origin after an HTTP redirect, according to a Nov. 28 security advisory.

 

“This can result in same-origin violations against a domain if it loads resources from malicious sites,” the advisory said. “Cross-origin setting of cookies has been demonstrated without the ability to read them.”

 

Anyone using an infected system is encouraged to update as soon as possible. Earlier this month, Mozilla released a number of security fixes affecting two of its Firefox browsers - the widely used consumer edition, v50, and ESR 45.5, intended for enterprises which manage client desktops.

 

Article source

Link to comment
Share on other sites


  • Views 491
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...