CVE-2013-6167

medium

Published 2014-02-15 · Modified 2026-04-29

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.8

Description

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

Predictions

Exploit likelihood

55%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-38798 dos multiple verified text · 1 KB

anonymous · 2013-04-04

Mozilla Firefox - Cookie Verification Denial of Service

text exploit Source: Exploit-DB

source: https://www.securityfocus.com/bid/62969/info

Mozilla Firefox is prone to a denial-of-service vulnerability because it fails to verify the user supplied input.

Successfully exploiting this issue will allow an attacker to inject special characters into the browser's local cookie storage, resulting in the requested website always responding with an error message which is hosted on specific web server software (like lighttpd). This will cause a denial-of-service condition.

Firefox 19 is vulnerable; other versions may also be affected.

Note: This issue was previously covered in BID 58857 (Google Chrome and Mozilla Firefox Browser Cookie Verification Security Weakness), but has been moved to its own record for better documentation. 

http://www.example.com/?utm_source=test&utm_medium=test&utm_campaign=te%05st

OS impact

SUSE Affected 1 release

Version	Status	Fixed in
—	Affected	—

Application impact

Vendor	Product	Versions	Fixed
mozilla	firefox	`{"endIncluding":"27.0"}`

References

CWEs

CWE-352

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.