The vulnerability of the Mozilla Firefox browser, related to errors in information representation by the user interface, allows a hacker to replace the address bar.

🗓️ 07 Mar 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Firefox UI information display errors allow an attacker to replace the address bar with a crafted link.

Reporter	Title	Published	Views	Family All 82
ATTACKERKB	CVE-2025-0246	7 Jan 202516:15	–	attackerkb
AlpineLinux	CVE-2025-0246	7 Jan 202516:15	–	alpinelinux
Chainguard	CVE-2025-0246 vulnerabilities	7 Jan 202516:15	–	cgr
Circl	CVE-2025-0246	7 Jan 202516:17	–	circl
CNNVD	Mozilla Firefox 安全漏洞	7 Jan 202500:00	–	cnnvd
CVE	CVE-2025-0246	7 Jan 202516:07	–	cve
Cvelist	CVE-2025-0246 Address bar spoofing using an invalid protocol scheme on Firefox for Android	7 Jan 202516:07	–	cvelist
Debian CVE	CVE-2025-0246	7 Jan 202516:07	–	debiancve
EUVD	EUVD-2025-1578	3 Oct 202520:07	–	euvd
Tenable Nessus	Fedora 41 : firefox (2025-6fcde64d77)	8 Jan 202500:00	–	nessus

Vulners

Node

mozilla firefoxRange<134

OR

novell opensuse_leapMatch15.5

OR

novell suse_linux_enterprise_server_for_sap_applicationsMatch15

OR

novell suse_linux_enterprise_serverMatch15-ltss

OR

novell opensuse_leapMatch15.3

OR

novell opensuse_leapMatch15.4

OR

novell suse_linux_enterprise_serverMatch15

OR

novell suse_linux_enterprise_desktopMatch15

Source	Link
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/en-US/security/advisories/mfsa2025-01/
suse	www.suse.com/security/cve/CVE-2025-0246.html
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2025010985
web	www.web.nvd.nist.gov/view/vuln/detail
mozilla	www.mozilla.org/security/advisories/mfsa2025-01.html

07 Mar 2025 00:00Current

5.9Medium risk

Vulners AI Score5.9

CVSS 26.4

CVSS 36.5

EPSS0.00185

firefox browser vulnerability address bar substitution crafted link exploitation user interface errors information display errors