CVE-2017-5463: Input Validation

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1338867
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5459
• http://www.securityfocus.com/bid/97940
• http://www.securitytracker.com/id/1038320
• https://www.mozilla.org/security/advisories/mfsa2017-10/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2017-10

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2017-5433
• CVE-2017-5435
• CVE-2017-5436
• CVE-2017-5461
• CVE-2017-5459
• CVE-2017-5466
• CVE-2017-5434
• CVE-2017-5432
• CVE-2017-5460
• CVE-2017-5438
• CVE-2017-5439
• CVE-2017-5440
• CVE-2017-5441
• CVE-2017-5442
• CVE-2017-5464
• CVE-2017-5443
• CVE-2017-5444
• CVE-2017-5446
• CVE-2017-5447
• CVE-2017-5465
• CVE-2017-5448
• CVE-2016-10196
• CVE-2017-5454
• CVE-2017-5455
• CVE-2017-5456
• CVE-2017-5469
• CVE-2017-5445
• CVE-2017-5449
• CVE-2017-5450
• CVE-2017-5451
• CVE-2017-5462
• CVE-2017-5463
• CVE-2017-5467
• CVE-2017-5452
• CVE-2017-5453
• CVE-2017-5458
• CVE-2017-5468
• CVE-2017-5430
• CVE-2017-5429

Frequently Asked Questions

• What is the severity of CVE-2017-5463?

  CVE-2017-5463 is classified as a medium severity vulnerability.

• How do I fix CVE-2017-5463?

  To fix CVE-2017-5463, update Firefox for Android to version 54 or later.

• Which versions of Firefox are affected by CVE-2017-5463?

  CVE-2017-5463 affects Firefox for Android versions prior to 54.

• Does CVE-2017-5463 affect other operating systems?

  No, CVE-2017-5463 only affects Firefox for Android and does not affect other operating systems.

• Can CVE-2017-5463 lead to phishing attacks?

  Yes, CVE-2017-5463 can allow attackers to spoof the contents of the address bar, potentially leading to phishing attacks.