Medium severity5.3NVD Advisory· Published Jan 31, 2016· Updated Jun 17, 2026
CVE-2016-1940
CVE-2016-1940
Description
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=43.0.4
- (no CPE)range: <44.0
- osv-coords2 versions
< 0+ 1 more
- (no CPE)range: < 0
- (no CPE)range: < 0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.