NVD

Id
18814  
Name
CVE-2016-2830  
Description
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2016-08-04  
Modified Date
2016-11-28  
Seq
2016-2830  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
104447 18814 CVE-2016-2830 openSUSE-SU-2016:1964  View
104448 18814 CVE-2016-2830 openSUSE-SU-2016:2026  View
104449 18814 CVE-2016-2830 RHSA-2016:1551  View
104450 18814 CVE-2016-2830 DSA-3640  View
104451 18814 CVE-2016-2830 http://www.mozilla.org/security/announce/2016/mfsa2016-63.html  View
104452 18814 CVE-2016-2830 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html  View
104453 18814 CVE-2016-2830 92261  View
104454 18814 CVE-2016-2830 USN-3044-1  View
104455 18814 CVE-2016-2830 https://bugzilla.mozilla.org/show_bug.cgi?id=1255270  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
3364 JVNDB-2016-004137 Mozilla Firefox におけるユーザを追跡される脆弱性 Mozilla Firefox は、関連のブラウザウィンドウが閉じられた後も favicon のリソース取り込みに使用されたネットワーク接続が持続されているため、ユーザを追跡される脆弱性が存在します。 CVE-2016-2830 89336 CVE-2016-2830 18814 4.3 4.3 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004137.html 2016-08-02 2016-08-08 View