Candidate: CVE-2015-4482
PublicDate: 2015-08-16 01:59:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4482
 https://www.mozilla.org/en-US/security/advisories/mfsa2015-85/
Description:
 mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR
 38.x before 38.2 allows local users to gain privileges or cause a denial of
 service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka
 MAR) file.
Ubuntu-Description: 
Notes: 
 chrisccoulson> Affects Mozilla updater
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
CVSS: 

Patches_firefox: 
upstream_firefox: released (40.0)
precise_firefox: not-affected
trusty_firefox: not-affected
trusty/esm_firefox: DNE (trusty was not-affected)
vivid_firefox: not-affected
devel_firefox: not-affected

Patches_thunderbird:
Priority_thunderbird: low
upstream_thunderbird: pending (38.2.0)
precise_thunderbird: not-affected
trusty_thunderbird: not-affected
trusty/esm_thunderbird: DNE (trusty was not-affected)
vivid_thunderbird: not-affected
devel_thunderbird: not-affected