Lucene search
MozillaCVELIST:CVE-2016-1949HistoryFeb 13, 2016 - 2:00 a.m.
CVE-2016-1949
2016-02-1302:00:00
mozilla
www.cve.org
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.
References
lists.opensuse.org/opensuse-updates/2016-02/msg00102.html
lists.opensuse.org/opensuse-updates/2016-02/msg00142.html
www.mozilla.org/security/announce/2016/mfsa2016-13.html
www.securitytracker.com/id/1035007
www.ubuntu.com/usn/USN-2893-1
bugzilla.mozilla.org/show_bug.cgi?id=1245724
security.gentoo.org/glsa/201605-06
Related
nessus
nessus
Ubuntu 14.04 LTS : Firefox vulnerability (USN-2893-1)
2016-02-12 00:00:00
Mozilla Firefox < 44.0.2 Security Bypass Vulnerability
2016-02-19 00:00:00
openSUSE Security Update : Mozilla Firefox (openSUSE-2016-259)
2016-02-25 00:00:00
ubuntu
ubuntu
Firefox vulnerability
2016-02-11 00:00:00
debiancve
debiancve
CVE-2016-1949
2016-02-13 02:59:12
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2016-13) - Linux
2021-11-08 00:00:00
Ubuntu: Security Advisory (USN-2893-1)
2016-02-12 00:00:00
Mozilla Firefox Security Bypass Vulnerability (Feb 2016) - Windows
2016-02-15 00:00:00
freebsd
freebsd
firefox -- Same-origin-policy violation using Service Workers with plugins
2016-02-11 00:00:00
prion
prion
Design/Logic Flaw
2016-02-13 02:59:00
cve
cve
CVE-2016-1949
2016-02-13 02:59:12
mozilla
mozilla
Same-origin-policy violation using Service Workers with plugins — Mozilla
2016-02-11 00:00:00
ubuntucve
ubuntucve
CVE-2016-1949
2016-02-11 00:00:00
nvd
nvd
CVE-2016-1949
2016-02-13 02:59:12
archlinux
archlinux
firefox: same-origin policy bypass
2016-02-13 00:00:00
kaspersky
kaspersky
KLA10759 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2016-02-11 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00