CVE-2016-1947
First published: Sun Jan 31 2016(Updated: )
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.04 | |
| Canonical Ubuntu Linux | =15.10 | |
| openSUSE Leap | =42.1 | |
| openSUSE openSUSE | =13.1 | |
| openSUSE openSUSE | =13.2 | |
| Mozilla Firefox | =43.0 | |
| Mozilla Firefox | =43.0.1 | |
| Mozilla Firefox | =43.0.2 | |
| Mozilla Firefox | =43.0.3 | |
| Mozilla Firefox | =43.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
- http://www.mozilla.org/security/announce/2016/mfsa2016-11.html
- http://www.securityfocus.com/bid/81949
- http://www.securitytracker.com/id/1034825
- http://www.ubuntu.com/usn/USN-2880-1
- http://www.ubuntu.com/usn/USN-2880-2
- https://bugzilla.mozilla.org/show_bug.cgi?id=1237103
- https://security.gentoo.org/glsa/201605-06
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.04
- version/canonical ubuntu linux/15.10
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/42.1
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- version/opensuse opensuse/13.2
- vendor/mozilla
- canonical/mozilla firefox
- version/mozilla firefox/43.0
- version/mozilla firefox/43.0.1
- version/mozilla firefox/43.0.2
- version/mozilla firefox/43.0.3
- version/mozilla firefox/43.0.4