Mozilla · Firefox · CVE-2016-5282
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions prior to 49.0
**Description**
The issue is related to the improper restriction of the scheme in favicon requests. This might allow remote attackers to obtain sensitive information via unspecified vectors. For example, a jar: URL for a favicon resource can be used to demonstrate this issue.
**Recommendations**
For versions prior to 49.0, update to version 49.0 or later to resolve the issue.