USN-3111-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2016-5287 CVE-2016-5288 UBUNTU-CVE-2016-5287 UBUNTU-CVE-2016-5288

Published: 27 Oct 2016, 20:18

Last modified:22 Apr 2026, 09:29

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

27 Oct 2016, 20:18

Published

Vulnerability first disclosed

22 Apr 2026, 09:29

Last Modified

Vulnerability information updated

Description

firefox vulnerabilities A use-after-free was discovered in service workers. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via program crash, or execute arbitrary code. (CVE-2016-5287) It was discovered that web content could access information in the HTTP cache in some circumstances. An attacker could potentially exploit this to obtain sensitive information. (CVE-2016-5288)

Affected Systems

ubuntu•firefox
< 49.0.2+build2-0ubuntu0.14.04.1 | < 49.0.2+build2-0ubuntu0.16.04.2

USN-3111-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)