Firefox@43.0.4 Security Vulnerabilities and Issues — Firefox@43.0.4 CVE List

Lucene search

MozillaFirefox43.0.4

5 matches found

CVE•added 2016/01/31 6:59 p.m.•295 views

CVE-2016-1947

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.

4.7CVSS6.6AI score0.00597EPSS

CVE•added 2016/01/31 6:59 p.m.•72 views

CVE-2016-1944

The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

10CVSS9.5AI score0.02723EPSS

CVE•added 2016/01/31 6:59 p.m.•57 views

CVE-2016-1943

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.

4.7CVSS6.3AI score0.00556EPSS

CVE•added 2016/01/31 6:59 p.m.•57 views

CVE-2016-1945

The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.

9.3CVSS9.3AI score0.00648EPSS

CVE•added 2016/01/31 6:59 p.m.•55 views

CVE-2016-1948

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream.

5.3CVSS5.9AI score0.00219EPSS