CVE-2017-5417
N/A
N/A
Summary
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 52 | affected |
Weaknesses
- Addressbar spoofing by draging and dropping URLs
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.mozilla.org/show_bug.cgi?id=791597
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- http://www.securitytracker.com/id/1037966
- http://www.securityfocus.com/bid/96692
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=791597
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- http://www.securitytracker.com/id/1037966
- http://www.securityfocus.com/bid/96692
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.