Security Advisory

CVE-2016-2827

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-09-22 22:00:00

Last updated 2024-08-05 23:32:21

Assigner mozilla

State PUBLISHED

Description

The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.

← Browse all CVEs View on cve.org ↗