Denial of Service Vulnerability in Firefox < 51: Unrestricted STUN Packet Sending via e10s
CVE-2017-5388 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.
Learn more about our Web App Pen Testing.