CVE-2016-5292: Input Validation

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1288482
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
• http://www.securityfocus.com/bid/94337
• http://www.securitytracker.com/id/1037298
• https://www.mozilla.org/security/advisories/mfsa2016-89/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2016-89

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2016-5296
• CVE-2016-5292
• CVE-2016-5293
• CVE-2016-5294
• CVE-2016-5297
• CVE-2016-9064
• CVE-2016-9065
• CVE-2016-9066
• CVE-2016-9067
• CVE-2016-9068
• CVE-2016-9072
• CVE-2016-9075
• CVE-2016-9077
• CVE-2016-5291
• CVE-2016-5295
• CVE-2016-5298
• CVE-2016-5299
• CVE-2016-9061
• CVE-2016-9062
• CVE-2016-9070
• CVE-2016-9073
• CVE-2016-9074
• CVE-2016-9076
• CVE-2016-9063
• CVE-2016-9071
• CVE-2016-5289
• CVE-2016-5290

Frequently Asked Questions

• What is the vulnerability ID for this vulnerability?

  The vulnerability ID for this vulnerability is CVE-2016-5292.

• What is the severity of CVE-2016-5292?

  CVE-2016-5292 has a severity rating of high.

• Which software is affected by CVE-2016-5292?

  Mozilla Firefox versions up to but not including 50 are affected by CVE-2016-5292.

• How can a maliciously crafted URL exploit CVE-2016-5292?

  A maliciously crafted URL can cause a potentially exploitable crash during URL parsing in the affected software.

• How can I fix CVE-2016-5292?

  To fix CVE-2016-5292, update Mozilla Firefox to version 50 or later.