Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-5294

Опубликовано: 11 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.5

Описание

The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

РелизСтатусПримечание
devel

not-affected

windows only
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [windows only]]
precise

not-affected

windows only
trusty

not-affected

windows only
trusty/esm

DNE

trusty was not-affected [windows only]
upstream

released

50
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

not-affected

windows only
yakkety

not-affected

windows only

Показывать по

РелизСтатусПримечание
devel

not-affected

windows only
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [windows only]]
precise

not-affected

windows only
trusty

not-affected

windows only
trusty/esm

DNE

trusty was not-affected [windows only]
upstream

not-affected

windows only
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

not-affected

windows only
yakkety

not-affected

windows only

Показывать по

Ссылки на источники

EPSS

Процентиль: 22%
0.00071
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2016-5294

CVSS3: 5.5
nvd
больше 7 лет назад

The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

debian логотип

CVE-2016-5294

CVSS3: 5.5
debian
больше 7 лет назад

The Mozilla Updater can be made to choose an arbitrary target working ...

github логотип

GHSA-pwq7-q338-mgmf

CVSS3: 5.5
github
больше 3 лет назад

The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

EPSS

Процентиль: 22%
0.00071
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3