Vulnerability Name:

CVE-2016-1967 (CCN-111336)

Assigned:2016-03-08
Published:2016-03-08
Updated:2016-12-03
Summary:Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session.
Note: this vulnerability exists because of an incomplete fix for CVE-2015-7207.
CVSS v3 Severity:6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2016-1967

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0731

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0733

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2016/mfsa2016-29.html

Source: SECTRACK
Type: UNKNOWN
1035215

Source: UBUNTU
Type: UNKNOWN
USN-2917-1

Source: UBUNTU
Type: UNKNOWN
USN-2917-2

Source: UBUNTU
Type: UNKNOWN
USN-2917-3

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=1246956

Source: XF
Type: UNKNOWN
firefox-cve20161967-sec-bypass(111336)

Source: GENTOO
Type: UNKNOWN
GLSA-201605-06

Source: CCN
Type: Mozilla Foundation Security Advisory 2016-29
Same-origin policy violation using perfomance.getEntries and history navigation with session restore

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-1967

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 44.0.2)

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20161967
    V
    CVE-2016-1967
    2023-06-22
    oval:org.opensuse.security:def:7868
    P
    MozillaFirefox-102.11.0-150200.152.87.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:609
    P
    Security update for sqlite3 (Moderate) (in QA)
    2022-10-04
    oval:org.opensuse.security:def:720
    P
    Security update for ucode-intel (Moderate)
    2022-08-31
    oval:org.opensuse.security:def:3252
    P
    libsmi-0.4.8-18.55 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94882
    P
    MozillaFirefox-91.8.0-150200.152.26.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:1523
    P
    Security update for MozillaThunderbird (Important)
    2022-06-13
    oval:org.opensuse.security:def:1167
    P
    Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core (Important)
    2022-05-16
    oval:org.opensuse.security:def:1301
    P
    Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (Important)
    2022-04-14
    oval:org.opensuse.security:def:1056
    P
    Security update for yaml-cpp (Moderate)
    2022-04-01
    oval:org.opensuse.security:def:1412
    P
    Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) (Important)
    2022-02-01
    oval:org.opensuse.security:def:111898
    P
    MozillaFirefox-50.1.0-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:945
    P
    Security update for net-snmp (Important)
    2022-01-11
    oval:org.opensuse.security:def:70030
    P
    Security update for xorg-x11-server (Important)
    2021-12-21
    oval:org.opensuse.security:def:93994
    P
    (Important)
    2021-12-06
    oval:org.opensuse.security:def:1639
    P
    Security update for squid (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:105475
    P
    MozillaFirefox-50.1.0-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:71207
    P
    hardlink-1.0+git.e66999f-1.25 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:69925
    P
    Security update for ffmpeg (Important)
    2021-09-02
    oval:org.opensuse.security:def:47794
    P
    libtasn1-4.9-3.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47266
    P
    glib2-lang-2.48.2-10.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48287
    P
    python-pywbem-0.7.0-4.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48156
    P
    libnetpbm11-10.66.3-8.7.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47591
    P
    dbus-1-1.8.22-29.10.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47242
    P
    dosfstools-3.0.26-6.5 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48302
    P
    sane-backends-1.0.24-3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47831
    P
    mutt-1.10.1-55.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47377
    P
    libmpfr4-3.1.2-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47130
    P
    powerpc-utils-1.3.2-17.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48129
    P
    libjansson4-2.12-3.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47702
    P
    libecpg6-10.5-1.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47145
    P
    rpcbind-0.2.3-21.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48256
    P
    pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47942
    P
    aaa_base-13.2+git20140911.61c1681-38.13.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47459
    P
    pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47241
    P
    dnsmasq-2.76-17.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48358
    P
    zypper-1.13.51-21.26.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48240
    P
    memcached-1.4.39-4.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47683
    P
    libXrender1-0.9.8-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47256
    P
    freeradius-server-3.0.14-1.8 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48045
    P
    ibus-chewing-1.4.14-4.11 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47570
    P
    bzip2-1.0.6-29.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47131
    P
    ppc64-diag-2.7.1-5.6 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48191
    P
    libsmi-0.4.8-18.55 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:72447
    P
    MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62728
    P
    MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101134
    P
    MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:49443
    P
    Security update for nodejs10 (Important)
    2021-07-14
    oval:org.opensuse.security:def:71094
    P
    rpcbind-0.2.3-3.22 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48398
    P
    cyrus-sasl-2.1.26-7.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48367
    P
    apache-commons-httpclient-3.1-4.364 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48469
    P
    libXinerama1-1.1.3-3.54 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:64507
    P
    Security update for hivex (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:67754
    P
    Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)
    2021-04-28
    oval:org.opensuse.security:def:100707
    P
    (Important)
    2021-02-17
    oval:org.opensuse.security:def:62612
    P
    MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:116931
    P
    MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72109
    P
    MozillaFirefox-52.7.3-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62390
    P
    MozillaFirefox-52.7.3-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:89851
    P
    MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72220
    P
    MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:103506
    P
    MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62501
    P
    MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72331
    P
    MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107373
    P
    MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:49386
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49554
    P
    libjbig2-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66674
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49497
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64420
    P
    opensc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73247
    P
    libxcb-composite0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:67854
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49332
    P
    socat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49608
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66582
    P
    pam on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73365
    P
    MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.cisecurity:def:1072
    V
    Same-origin policy violation using performance.getEntries and history navigation with session restore - CVE-2016-1967
    2016-09-23
    oval:com.ubuntu.precise:def:20161967000
    V
    CVE-2016-1967 on Ubuntu 12.04 LTS (precise) - medium.
    2016-03-13
    oval:com.ubuntu.trusty:def:20161967000
    V
    CVE-2016-1967 on Ubuntu 14.04 LTS (trusty) - medium.
    2016-03-13
    oval:com.ubuntu.xenial:def:201619670000000
    V
    CVE-2016-1967 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-03-13
    oval:com.ubuntu.xenial:def:20161967000
    V
    CVE-2016-1967 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-03-13
    BACK
    mozilla firefox *