CVE-2016-1947
Description
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
Risk Information
Base Score
4.7
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.571
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update for Mozilla Firefox (44.0) | Windows |
| Update for Mozilla Firefox x64 (44.0) | Windows |
| Update for Mozilla Firefox (44.0.1) | Windows |
| Update for Mozilla Firefox x64 (44.0.1) | Windows |
| Update for Mozilla Firefox (44.0.2) | Windows |
| Update for Mozilla Firefox x64 (44.0.2) | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 43.0.4 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 43.0.4 | Windows |
| Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (44.0) | Mac |
| Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (44.0.1) | Mac |
| Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (44.0.2) | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 43.0.4 | Mac |
| Vulnerabilities CVE-2016-1947 are affected in Mozilla Firefox for Mac 43.0 | Mac |
| Vulnerabilities CVE-2016-1947 are affected in Mozilla Firefox for Mac 43.0.1 | Mac |
| Vulnerabilities CVE-2016-1947 are affected in Mozilla Firefox for Mac 43.0.2 | Mac |
| Vulnerabilities CVE-2016-1947 are affected in Mozilla Firefox for Mac 43.0.3 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-302195 | Update for Mozilla Firefox (44.0) |
| PATCH-302196 | Update for Mozilla Firefox x64 (44.0) |
| PATCH-302198 | Update for Mozilla Firefox x64 (44.0.1) |
| PATCH-302199 | Update for Mozilla Firefox (44.0.2) |
| PATCH-302200 | Update for Mozilla Firefox x64 (44.0.2) |
| PATCH-607000 | Mozilla Firefox For Mac (124.0) |
| PATCH-607000 | Mozilla Firefox For Mac (124.0) |
| PATCH-607000 | Mozilla Firefox For Mac (124.0) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234