CVE-2017-5463

Summary

Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 53affected

Weaknesses

  • Addressbar spoofing through reader view on Firefox for Android

ADP Enrichment

CVE Program Container

Additional References

References