1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
PublicDateAtUSN: 2016-01-26
Candidate: CVE-2016-1947
PublicDate: 2016-01-31
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1947
https://www.mozilla.org/en-US/security/advisories/mfsa2016-11/
http://www.ubuntu.com/usn/usn-2880-1
Description:
Mozilla Firefox 43.x mishandles attempts to connect to the Application
Reputation service, which makes it easier for remote attackers to trigger
an unintended download by leveraging the absence of reputation data.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by: François Marier
Assigned-to: chrisccoulson
Patches_firefox:
upstream_firefox: released (44.0)
precise_firefox: released (44.0+build3-0ubuntu0.12.04.1)
trusty_firefox: released (44.0+build3-0ubuntu0.14.04.1)
vivid_firefox: released (44.0+build3-0ubuntu0.15.04.1)
vivid/ubuntu-core_firefox: DNE
vivid/stable-phone-overlay_firefox: DNE
wily_firefox: released (44.0+build3-0ubuntu0.15.10.1)
devel_firefox: released (44.0+build3-0ubuntu1)
Patches_thunderbird:
Priority_thunderbird: low
upstream_thunderbird: not-affected
precise_thunderbird: not-affected
trusty_thunderbird: not-affected
vivid_thunderbird: not-affected
vivid/ubuntu-core_thunderbird: DNE
vivid/stable-phone-overlay_thunderbird: DNE
wily_thunderbird: not-affected
devel_thunderbird: not-affected
|