CVE-2016-5298: Input Validation
A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected.
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2016-5296
- CVE-2016-5292
- CVE-2016-5293
- CVE-2016-5294
- CVE-2016-5297
- CVE-2016-9064
- CVE-2016-9065
- CVE-2016-9066
- CVE-2016-9067
- CVE-2016-9068
- CVE-2016-9072
- CVE-2016-9075
- CVE-2016-9077
- CVE-2016-5291
- CVE-2016-5295
- CVE-2016-5298
- CVE-2016-5299
- CVE-2016-9061
- CVE-2016-9062
- CVE-2016-9070
- CVE-2016-9073
- CVE-2016-9074
- CVE-2016-9076
- CVE-2016-9063
- CVE-2016-9071
- CVE-2016-5289
- CVE-2016-5290
Frequently Asked Questions
What is CVE-2016-5298?
CVE-2016-5298 refers to a vulnerability in Firefox for Android where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded.
What software is affected by CVE-2016-5298?
CVE-2016-5298 affects Mozilla Firefox version up to exclusive version 50 for Android.
What is the severity of CVE-2016-5298?
CVE-2016-5298 has a severity level of medium (4).
How can I fix CVE-2016-5298?
To fix CVE-2016-5298, you should update Firefox for Android to a version higher than 50.
Where can I find more information about CVE-2016-5298?
You can find more information about CVE-2016-5298 on the Mozilla bug tracker (https://bugzilla.mozilla.org/show_bug.cgi?id=1227538) and the Mozilla security advisories (https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/).