Mozilla Firefox < 44.0.2 Security Bypass Vulnerability
Medium Nessus Network Monitor Plugin ID 9077
SynopsisThe remote host contains a web browser that is affected by a security bypass vulnerability.
DescriptionThe version of Firefox installed is prior to 44.0.2 and is affected by a security bypass vulnerability due to improper restriction of interaction between service workers and plugins. An unauthenticated, remote attacker can exploit this using a crafted web site that triggers spoofed responses to requests that use NPAPI to bypass the same-origin policy. (CVE-2016-1949)
SolutionUpgrade to Firefox 44.0.2 or later.