[arch-security] [ASA-201602-12] firefox: same-origin policy bypass

Remi Gacogne rgacogne at archlinux.org
Sat Feb 13 20:56:49 UTC 2016


Arch Linux Security Advisory ASA-201602-12
==========================================

Severity: High
Date    : 2016-02-13
CVE-ID  : CVE-2016-1949
Package : firefox
Type    : same-origin policy bypass
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package firefox before version 44.0.2-1 is vulnerable to a
same-origin policy bypass.

Resolution
==========

Upgrade to 44.0.2-1.

# pacman -Syu "firefox>=44.0.2-1"

The problem has been fixed upstream in version 44.0.2.
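
To confirm whether a host still carries an affected build, the following
added example (not part of the original advisory) compares a firefox
package version against the fixed release 44.0.2-1. It uses pacman's
vercmp when present; the function names and the GNU sort -V fallback are
assumptions of this example.

```shell
#!/bin/sh
# Added example: is a given firefox package version affected by ASA-201602-12?
FIXED_VERSION="44.0.2-1"   # fixed package version stated in the advisory

# Print the epoch of a pacman version string ([epoch:]pkgver-pkgrel), 0 if absent.
epoch_of() {
    case "$1" in
        *:*) printf '%s\n' "${1%%:*}" ;;
        *)   printf '0\n' ;;
    esac
}

# Print -1, 0 or 1 when $1 is older than, equal to or newer than $2.
compare_versions() {
    if command -v vercmp >/dev/null 2>&1; then
        vercmp "$1" "$2"          # pacman's own comparison, authoritative
        return
    fi
    # Assumed fallback for hosts without pacman: epochs first, then GNU sort -V.
    e1=$(epoch_of "$1"); e2=$(epoch_of "$2")
    if [ "$e1" -lt "$e2" ]; then echo -1; return; fi
    if [ "$e1" -gt "$e2" ]; then echo 1; return; fi
    v1=${1#*:}; v2=${2#*:}
    if [ "$v1" = "$v2" ]; then echo 0; return; fi
    lowest=$(printf '%s\n%s\n' "$v1" "$v2" | sort -V | head -n 1)
    if [ "$lowest" = "$v1" ]; then echo -1; else echo 1; fi
}

# Succeed (exit status 0) when version $1 predates the fixed package.
is_affected() {
    [ "$(compare_versions "$1" "$FIXED_VERSION")" -lt 0 ]
}

# Report on the locally installed package; returns 1 only when it is affected.
check_host() {
    installed=$(pacman -Q firefox 2>/dev/null | awk '{print $2}')
    if [ -z "$installed" ]; then
        echo "firefox is not installed"
    elif is_affected "$installed"; then
        echo "firefox $installed is AFFECTED; upgrade to >= $FIXED_VERSION"
        return 1
    else
        echo "firefox $installed is not affected"
    fi
}

# Only query the package database where pacman exists.
if command -v pacman >/dev/null 2>&1; then check_host; fi
```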

Workaround
==========

None.

Description
===========

Jason Pang of OneSignal reported that service workers intercept
responses to plugin network requests made through the browser. Plugins
which make security decisions based on the content of network requests
can have these decisions subverted if a service worker forges responses
to those requests. For example, a forged crossdomain.xml could allow a
malicious site to violate the same-origin policy using the Flash plugin.

Impact
======

A remote attacker might be able to bypass the same-origin policy and
gain access to sensitive information.

References
==========

https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/
https://access.redhat.com/security/cve/CVE-2016-1949
