CVE-2017-5456

Priority
Description
A mechanism to bypass file system access protections in the sandbox using
the file system request constructor through an IPC message. This allows for
read and write access to the local file system. This vulnerability affects
Firefox ESR < 52.1 and Firefox < 53.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (53.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [53.0+build6-0ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (53.0+build6-0ubuntu0.16.04.1)
Package
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2019-12-05 18:49:10 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)