Mozilla Firefox CVE-2016-2830 Information Disclosure Vulnerability

description-logoDescription

Security researcher Toni Huttunen reported that once the favicon is requested from a site, the remote server can keep the favicon network connection open even when the page is later closed. This allows a malicious site to continue to use this channel to send requests to the browser, leading to potential information disclosure, such as tracking the user across multiple IP addresses as the user changes networks.

affected-products-logoAffected Applications

Firefox
Firefox ESR

CVE References

CVE-2016-2830