Уязвимость инициирования нежелательной загрузки в Mozilla Firefox при некорректной обработке попыток подключения к сервису Application Reputation
Описание
Mozilla Firefox версии 43.x некорректно обрабатывает попытки подключения к сервису Application Reputation, что упрощает злоумышленникам возможность инициирования нежелательной загрузки за счет отсутствия данных о репутации.
Затронутые версии ПО
- Mozilla Firefox 43.x
Тип уязвимости
Инициирование нежелательной загрузки
Ссылки
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Issue TrackingVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Issue TrackingVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
4.7 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
Mozilla Firefox 43.x mishandles attempts to connect to the Application ...
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
Security update for the MozillaFirefox, mozilla-nss and mozilla-nspr
EPSS
4.7 Medium
CVSS3
4.3 Medium
CVSS2