CVE-2017-5456 (retired)

Priority
Description
A mechanism to bypass file system access protections in the sandbox using
the file system request constructor through an IPC message. This allows for
read and write access to the local file system. This vulnerability affects
Firefox ESR < 52.1 and Firefox < 53.
Assigned-to
chrisccoulson
Package
Upstream:released (53.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored)
Ubuntu 14.04 LTS (Trusty Tahr):released (53.0+build6-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (53.0+build6-0ubuntu0.16.04.1)
Package
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-03-26 12:26:03 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)