CVE-2016-1943

EUVD-2016-3032
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
opensuseleap
42.1
opensuseopensuse
13.1
opensuseopensuse
13.2
mozillafirefox
43.0.4
googleandroid
*
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
precise
not-affected
trusty
dne
vivid
not-affected
wily
not-affected
thunderbird
precise
not-affected
trusty
dne
vivid
not-affected
wily
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
http://www.mozilla.org/security/announce/2016/mfsa2016-09.html
http://www.securityfocus.com/bid/81948
http://www.securitytracker.com/id/1034825
https://bugzilla.mozilla.org/show_bug.cgi?id=1228590
https://security.gentoo.org/glsa/201605-06
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
http://www.mozilla.org/security/announce/2016/mfsa2016-09.html
http://www.securityfocus.com/bid/81948
http://www.securitytracker.com/id/1034825
https://bugzilla.mozilla.org/show_bug.cgi?id=1228590
https://security.gentoo.org/glsa/201605-06