1
Candidate: CVE-2016-5253
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253
5
https://www.mozilla.org/en-US/security/advisories/mfsa2016-69/
6
https://bugzilla.mozilla.org/show_bug.cgi?id=1246944
8
The Updater in Mozilla Firefox before 48.0 on Windows allows local users to
9
write to arbitrary files via vectors involving the callback
10
application-path parameter and a hard link.
13
sbeattie> windows only
16
Discovered-by: Holger Fuhrmannek
17
Assigned-to: chrisccoulson
20
upstream_firefox: released (48)
21
precise_firefox: not-affected (windows only)
22
trusty_firefox: not-affected (windows only)
23
vivid/ubuntu-core_firefox: DNE
24
vivid/stable-phone-overlay_firefox: DNE
25
xenial_firefox: not-affected (windows only)
26
devel_firefox: not-affected (windows only)
29
Priority_thunderbird: low
30
upstream_thunderbird: not-affected
31
precise_thunderbird: not-affected
32
trusty_thunderbird: not-affected
33
vivid/ubuntu-core_thunderbird: DNE
34
vivid/stable-phone-overlay_thunderbird: DNE
35
xenial_thunderbird: not-affected
36
devel_thunderbird: not-affected