Lucene search
UbuntuUSN-2893-1HistoryFeb 11, 2016 - 12:00 a.m.
Firefox vulnerability
2016-02-1100:00:00
ubuntu.com
30
Releases
- Ubuntu 15.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- firefox - Mozilla Open Source web browser
Details
Jason Pang discovered that service workers intercept responses to plugin
network requests made through the browser. An attacker could potentially
exploit this to bypass same origin restrictions using the Flash plugin.
(CVE-2016-1949)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.10 | noarch | firefox | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-dbg | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-dbgsym | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-dev | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-globalmenu | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-locale-af | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-locale-an | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-locale-ar | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-locale-as | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | firefox-locale-ast | < 44.0.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
References
Related
nessus
nessus
Firefox < 44.0.2 Service Workers Security Bypass
2016-02-16 00:00:00
openSUSE Security Update : Mozilla Firefox (openSUSE-2016-259)
2016-02-25 00:00:00
Ubuntu 14.04 LTS : Firefox vulnerability (USN-2893-1)
2016-02-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2893-1)
2016-02-12 00:00:00
Mozilla Firefox Security Advisory (MFSA2016-13) - Linux
2021-11-08 00:00:00
Mozilla Firefox Security Bypass Vulnerability (Feb 2016) - Windows
2016-02-15 00:00:00
debiancve
debiancve
CVE-2016-1949
2016-02-13 02:59:00
prion
prion
Design/Logic Flaw
2016-02-13 02:59:00
freebsd
freebsd
firefox -- Same-origin-policy violation using Service Workers with plugins
2016-02-11 00:00:00
cve
cve
CVE-2016-1949
2016-02-13 02:59:00
mozilla
mozilla
Same-origin-policy violation using Service Workers with plugins — Mozilla
2016-02-11 00:00:00
archlinux
archlinux
firefox: same-origin policy bypass
2016-02-13 00:00:00
ubuntucve
ubuntucve
CVE-2016-1949
2016-02-11 00:00:00
cvelist
cvelist
CVE-2016-1949
2016-02-13 02:00:00
kaspersky
kaspersky
KLA10759 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2016-02-11 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00