CVE-2016-9072

Summary

When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 50affected

Weaknesses

  • 64-bit NPAPI sandbox isn't enabled on fresh profile

ADP Enrichment

CVE Program Container

Additional References

References