1
Candidate: CVE-2016-1972
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972
5
https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/
7
Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might
8
allow remote attackers to cause a denial of service (use-after-free) or
9
possibly have unspecified other impact via unknown vectors.
12
sbeattie> may affect libvpx
13
chrisccoulson> Windows only, according to Mozilla advisory
15
https://bugzilla.mozilla.org/show_bug.cgi?id=1218124
17
Discovered-by: Ronald Crane
18
Assigned-to: chrisccoulson
21
upstream_firefox: released (45.0)
22
precise_firefox: not-affected
23
trusty_firefox: not-affected
24
vivid/ubuntu-core_firefox: DNE
25
vivid/stable-phone-overlay_firefox: DNE
26
wily_firefox: not-affected
27
devel_firefox: not-affected (45.0+build2-0ubuntu1)
30
Priority_thunderbird: low
31
upstream_thunderbird: not-affected
32
precise_thunderbird: not-affected
33
trusty_thunderbird: not-affected
34
vivid/ubuntu-core_thunderbird: DNE
35
vivid/stable-phone-overlay_thunderbird: DNE
36
wily_thunderbird: not-affected
37
devel_thunderbird: not-affected
40
upstream: https://github.com/mozilla/system-addons/commit/168bcdfbd549f1460fc2c878377719e12c2fa133
41
upstream_libvpx: needs-triage
42
precise_libvpx: not-affected (windows-specific)
43
trusty_libvpx: not-affected (windows-specific)
44
vivid/stable-phone-overlay_libvpx: not-affected (windows-specific)
45
vivid/ubuntu-core_libvpx: DNE
46
wily_libvpx: not-affected (windows-specific)
47
devel_libvpx: not-affected (windows-specific)