CVE-2017-7821

Priority
Medium
Description
A vulnerability where WebExtensions can download and attempt to open a file
of some non-executable file types. This can be triggered without specific
user interaction for the file download and open actions. This could be used
to trigger known vulnerabilities in the programs that handle those document
types. This vulnerability affects Firefox < 56.
References
Assigned-to
chrisccoulson
Package
Upstream:released (56.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (56.0+build6-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (56.0+build6-0ubuntu0.16.04.1)
Ubuntu 17.10 (Artful Aardvark):released (56.0+build6-0ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver):released (56.0+build6-0ubuntu1)
Ubuntu 18.10 (Cosmic Cuttlefish):released (56.0+build6-0ubuntu1)
More Information

Updated: 2018-06-26 05:02:44 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)