virus logo FortiClient Vulnerability

Mozilla Firefox CVE-2016-1949 Weak Authentication Vulnerability

description-logoDescription

Jason Pang of OneSignal reported that service workers intercept responses to plugin network requests made through the browser. Plugins which make security decisions based on the content of network requests can have these decisions subverted if a service worker forges responses to those requests. For example, a forged crossdomain.xml could allow a malicious site to violate the same-origin policy using the Flash plugin.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2016-1949

Other References

https://www.mozilla.org/en-US/security/advisories/mfsa2016-13
ID 39678
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Mozilla
Patch manual
Application Firefox