Your submission was sent successfully! Close

CVE-2016-1947

Published: 26 January 2016

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.

Priority

Medium

CVSS 3 base score: 4.7

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
precise
Released (44.0+build3-0ubuntu0.12.04.1)
trusty Does not exist
(trusty was released [44.0+build3-0ubuntu0.14.04.1])
upstream
Released (44.0)
vivid
Released (44.0+build3-0ubuntu0.15.04.1)
wily
Released (44.0+build3-0ubuntu0.15.10.1)
thunderbird
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Not vulnerable

vivid Not vulnerable

wily Not vulnerable