CVE-2018-5109
N/A
N/A
Summary
An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream. This vulnerability affects Firefox < 58.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 58 | affected |
Weaknesses
- Audio capture prompts and starts with incorrect origin attribution
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1405599
- http://www.securitytracker.com/id/1040270
- https://usn.ubuntu.com/3544-1/
- http://www.securityfocus.com/bid/102786
- https://www.mozilla.org/security/advisories/mfsa2018-02/
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1405599
- http://www.securitytracker.com/id/1040270
- https://usn.ubuntu.com/3544-1/
- http://www.securityfocus.com/bid/102786
- https://www.mozilla.org/security/advisories/mfsa2018-02/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.