CVE-2016-1949

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 44.0.2

Description The issue is related to insufficient access control between the Service Workers interface and plugins in the browser. This can be exploited by a remote attacker using a specially crafted website to bypass existing access restriction policies. The exploitation involves triggering fake responses to requests that use NPAPI plugins, potentially allowing the attacker to bypass the Same Origin Policy.

Recommendations For versions prior to 44.0.2, update to version 44.0.2 or later to resolve the issue.