← back
CVE-2016-1947

CVE-2016-1947

EPSS 1.9%
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1237103https://security.gentoo.org/glsa/201605-06http://www.mozilla.org/security/announce/2016/mfsa2016-11.htmlhttp://www.securityfocus.com/bid/81949http://www.securitytracker.com/id/1034825http://www.ubuntu.com/usn/USN-2880-1http://www.ubuntu.com/usn/USN-2880-2