1
PublicDateAtUSN: 2016-09-22
2
Candidate: CVE-2016-5278
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278
6
https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/
7
https://usn.ubuntu.com/usn/usn-3076-1
8
https://usn.ubuntu.com/usn/usn-3112-1
10
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in
11
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird
12
< 45.4 allows remote attackers to execute arbitrary code via a crafted
13
image data that is mishandled during the encoding of an image frame to an
20
Assigned-to: chrisccoulson
23
upstream_firefox: released (49.0)
24
precise_firefox: released (49.0+build4-0ubuntu0.12.04.1)
25
trusty_firefox: released (49.0+build4-0ubuntu0.14.04.1)
26
vivid/ubuntu-core_firefox: DNE
27
vivid/stable-phone-overlay_firefox: DNE
28
xenial_firefox: released (49.0+build4-0ubuntu0.16.04.1)
29
yakkety_firefox: released (49.0+build4-0ubuntu2)
30
devel_firefox: released (49.0+build4-0ubuntu2)
33
upstream_thunderbird: released (45.4.0)
34
precise_thunderbird: released (1:45.4.0+build1-0ubuntu0.12.04.1)
35
trusty_thunderbird: released (1:45.4.0+build1-0ubuntu0.14.04.1)
36
vivid/ubuntu-core_thunderbird: DNE
37
vivid/stable-phone-overlay_thunderbird: DNE
38
xenial_thunderbird: released (1:45.4.0+build1-0ubuntu0.16.04.1)
39
yakkety_thunderbird: released (1:45.4.0+build1-0ubuntu0.16.10.1)
40
devel_thunderbird: released (1:45.7.0+build1-0ubuntu1)