Your submission was sent successfully! Close

CVE-2016-2816

Published: 27 April 2016

Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
precise
Released (46.0+build5-0ubuntu0.12.04.2)
trusty Does not exist
(trusty was released [46.0+build5-0ubuntu0.14.04.2])
upstream
Released (46.0)
wily
Released (46.0+build5-0ubuntu0.15.10.2)
xenial
Released (46.0+build5-0ubuntu0.16.04.2)
thunderbird
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Not vulnerable

wily Not vulnerable

xenial Not vulnerable