CVE-2016-1949

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.

References

http://lists.opensuse.org/opensuse-updates/2016-02/msg00102.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00142.html

http://www.mozilla.org/security/announce/2016/mfsa2016-13.html

http://www.securitytracker.com/id/1035007

http://www.ubuntu.com/usn/USN-2893-1

https://bugzilla.mozilla.org/show_bug.cgi?id=1245724

https://security.gentoo.org/glsa/201605-06

Details

Source: MITRE

Published: 2016-02-13

Updated: 2016-12-06

Type: CWE-264

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to 44.0.1 (inclusive)

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
91379GLSA-201605-06 : Mozilla Products: Multiple vulnerabilities (Logjam) (SLOTH)NessusGentoo Local Security Checks
critical
88946openSUSE Security Update : Mozilla Firefox (openSUSE-2016-259)NessusSuSE Local Security Checks
high
9077Mozilla Firefox < 44.0.2 Security Bypass VulnerabilityNessus Network MonitorWeb Clients
low
88828openSUSE Security Update : MozillaFirefox (openSUSE-2016-223)NessusSuSE Local Security Checks
high
88754Firefox < 44.0.2 Service Workers Security BypassNessusWindows
high
88752Firefox < 44.0.2 Service Workers Security Bypass (Mac OS X)NessusMacOS X Local Security Checks
high
88743FreeBSD : firefox -- Same-origin-policy violation using Service Workers with plugins (172b22cb-d3f6-11e5-ac9e-485d605f4717)NessusFreeBSD Local Security Checks
high
88711Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : firefox vulnerability (USN-2893-1)NessusUbuntu Local Security Checks
high