PT-2018-8252 · Mozilla+1 · Firefox For Android+1

Muneaki Nishimura

Published

2017-05-09

Updated

2018-08-09

CVE-2017-5463

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 53

Description: The issue allows an attacker to spoof the contents of the address bar as displayed to users by launching Firefox for Android in reader mode with a user-specified URL using Android intents. This affects only Firefox for Android, with other operating systems not being affected.

Recommendations: For versions prior to 53, update to version 53 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2017-1577

CVE-2017-5463

Affected Products

Alt Linux

Firefox For Android

PT-2018-8252 · Mozilla+1 · Firefox For Android+1

CVE-2017-5463

Weakness Enumeration

Related Identifiers

Affected Products

References · 6