USN-3124-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-3124-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-3124-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3124-1
Related
  • CVE-2016-5289
  • CVE-2016-5290
  • CVE-2016-5291
  • CVE-2016-5292
  • CVE-2016-5296
  • CVE-2016-5297
  • CVE-2016-9063
  • CVE-2016-9064
  • CVE-2016-9066
  • CVE-2016-9067
  • CVE-2016-9068
  • CVE-2016-9069
  • CVE-2016-9070
  • CVE-2016-9071
  • CVE-2016-9073
  • CVE-2016-9075
  • CVE-2016-9076
  • CVE-2016-9077
Published
2016-11-19T00:07:46.090318Z
Modified
2016-11-19T00:07:46.090318Z
Summary
firefox vulnerabilities
Details

Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5289, CVE-2016-5290)

A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. (CVE-2016-5291)

A crash was discovered when parsing URLs in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code. (CVE-2016-5292)

A heap buffer-overflow was discovered in Cairo when processing SVG content. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5296)

An error was discovered in argument length checking in Javascript. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5297)

An integer overflow was discovered in the Expat library. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2016-9063)

It was discovered that addon updates failed to verify that the addon ID inside the signed package matched the ID of the addon being updated. An attacker that could perform a machine-in-the-middle (MITM) attack could potentially exploit this to provide malicious addon updates. (CVE-2016-9064)

A buffer overflow was discovered in nsScriptLoadHandler. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-9066)

2 use-after-free bugs were discovered during DOM operations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-9067, CVE-2016-9069)

A heap use-after-free was discovered during web animations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-9068)

It was discovered that a page loaded in to the sidebar through a bookmark could reference a privileged chrome window. An attacker could potentially exploit this to bypass same origin restrictions. (CVE-2016-9070)

An issue was discovered with Content Security Policy (CSP) in combination with HTTP to HTTPS redirection. An attacker could potentially exploit this to verify whether a site is within the user's browsing history. (CVE-2016-9071)

An issue was discovered with the windows.create() WebExtensions API. If a user were tricked in to installing a malicious extension, an attacker could potentially exploit this to escape the WebExtensions sandbox. (CVE-2016-9073)

It was discovered that WebExtensions can use the mozAddonManager API. An attacker could potentially exploit this to install additional extensions without user permission. (CVE-2016-9075)

It was discovered that <select> element dropdown menus can cover location bar content when e10s is enabled. An attacker could potentially exploit this to conduct UI spoofing attacks. (CVE-2016-9076)

It was discovered that canvas allows the use of the feDisplacementMap filter on cross-origin images. An attacker could potentially exploit this to conduct timing attacks. (CVE-2016-9077)

References

Affected packages

Ubuntu:14.04:LTS / firefox

Package

Name
firefox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
50.0+build2-0ubuntu0.14.04.2

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "firefox-locale-nl": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-kn": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-gl": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-sv": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-kk": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-fy": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-or": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-az": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-lt": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-hy": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-eo": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-km": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-testsuite": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-sr": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-is": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ca": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-uk": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ga": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-it": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ja": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-lg": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ms": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-zh-hans": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-mozsymbols": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ko": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-hr": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-mai": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-nb": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-dev": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-vi": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-he": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-sw": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-el": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-oc": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-xh": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-nn": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ar": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-csb": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-cs": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-gn": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-hsb": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-zu": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ro": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-globalmenu": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-af": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-nso": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-sk": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-si": "50.0+build2-0ubuntu0.14.04.2",
            "firefox": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-cy": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-fa": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-cak": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-sq": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-en": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-tr": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-br": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-et": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ast": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-th": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-da": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-fi": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ku": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-mn": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ru": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-mk": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-bg": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-hu": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-gu": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-bn": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ml": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-an": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-be": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-eu": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-fr": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-pa": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-as": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-lv": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-pl": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-gd": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-te": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ta": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-ka": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-id": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-bs": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-hi": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-zh-hant": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-mr": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-es": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-sl": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-uz": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-pt": "50.0+build2-0ubuntu0.14.04.2",
            "firefox-locale-de": "50.0+build2-0ubuntu0.14.04.2"
        }
    ]
}

Ubuntu:16.04:LTS / firefox

Package

Name
firefox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
50.0+build2-0ubuntu0.16.04.2

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "firefox-locale-nl": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-kn": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-gl": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-sv": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-kk": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-fy": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-or": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-az": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-lt": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-hy": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-eo": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-km": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-testsuite": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-sr": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-is": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ca": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-uk": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ga": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-it": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ja": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-lg": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ms": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-zh-hans": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-mozsymbols": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ko": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-hr": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-mai": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-nb": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-dev": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-vi": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-he": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-sw": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-el": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-oc": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-xh": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-nn": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ar": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-csb": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-cs": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-gn": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-hsb": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-zu": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ro": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-globalmenu": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-af": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-nso": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-sk": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-si": "50.0+build2-0ubuntu0.16.04.2",
            "firefox": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-cy": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-fa": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-cak": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-sq": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-en": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-tr": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-br": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-et": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ast": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-th": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-da": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-fi": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ku": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-mn": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ru": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-mk": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-bg": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-hu": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-gu": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-bn": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ml": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-an": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-be": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-eu": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-fr": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-pa": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-as": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-lv": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-pl": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-gd": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-te": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ta": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-ka": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-id": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-bs": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-hi": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-zh-hant": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-mr": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-es": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-sl": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-uz": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-pt": "50.0+build2-0ubuntu0.16.04.2",
            "firefox-locale-de": "50.0+build2-0ubuntu0.16.04.2"
        }
    ]
}