CVE-2016-2804

Published: 27 April 2016

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (46.0)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (46.0+build5-0ubuntu0.16.04.2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [46.0+build5-0ubuntu0.14.04.2])
thunderbird
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)