Bug 1361994 (CVE-2016-5265) - CVE-2016-5265 Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)
Summary: CVE-2016-5265 Mozilla: Same-origin policy violation using local HTML file and...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2016-5265
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20160802,repor...
Depends On:
Blocks: 1360577
TreeView+ depends on / blocked
 
Reported: 2016-08-01 06:43 UTC by Huzaifa S. Sidhpurwala
Modified: 2019-06-08 21:22 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-09-23 05:34:47 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:1551 normal SHIPPED_LIVE Critical: firefox security update 2016-08-03 12:06:43 UTC

Description Huzaifa S. Sidhpurwala 2016-08-01 06:43:11 UTC
Security researcher Abdulrahman Alqabandi reported that when a local HTML file resides in the same directory as a malicious local shortcut file, the shortcut can be called by the local page to allow the page to read the contents of local files or directories or to load an arbitrary website in violation of same-origin policy, allowing for data theft. In order for this vulnerability to be triggered, both the malicious HTML file as well as the shortcut must be saved to the same local directory and then loaded from there by a user. 


External Reference:

https://www.mozilla.org/security/announce/2016/mfsa2016-80.html


Acknowledgements:

Name: the Mozilla project
Upstream: Abdulrahman Alqabandi

Comment 1 errata-xmlrpc 2016-08-03 08:08:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 7

Via RHSA-2016:1551 https://rhn.redhat.com/errata/RHSA-2016-1551.html


Note You need to log in before you can comment on or make changes to this bug.