Hyperlink-based Browser Crash Vulnerability in Firefox and Thunderbird

Hyperlink-based Browser Crash Vulnerability in Firefox and Thunderbird

CVE-2017-5422 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox < 52 and Thunderbird < 52.

Learn more about our Web Application Penetration Testing UK.