Changes between Initial Version and Version 1 of Ticket #8457
- Timestamp:
- 10/23/2016 10:43:31 PM (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #8457
- Property Summary firefox-49.0.2 → firefox-49.0.2 (CVE-2016-5288 CVE-2016-5287)
-
Ticket #8457 – Description
initial v1 23 23 24 24 https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/ 25 26 27 {{{ 28 CVE-2016-5287: Crash in nsTArray_base<T>::SwapArrayElements 29 30 REPORTER 31 Philipp 32 IMPACT 33 HIGH 34 Description 35 36 A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. 37 }}} 38 39 {{{ 40 CVE-2016-5288: Web content can read cache entries 41 42 REPORTER 43 Developers at Cliqz.com 44 IMPACT 45 HIGH 46 Description 47 48 A Cliqz.com developer demonstrated that web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. 49 }}}
