suse-su-2016:2434-1
Vulnerability from csaf_suse
Published
2016-10-04 07:31
Modified
2016-10-04 07:31
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
MozillaFirefox was updated to version 45.4.0 ESR to fix the following issues:
Security issues fixed: (bsc#999701 MFSA 2016-86):
* CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString
* CVE-2016-5272: Bad cast in nsImageGeometryMixin
* CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList
* CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState
* CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
* CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
* CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
* CVE-2016-5281: use-after-free in DOMSVGLength
* CVE-2016-5284: Add-on update site certificate pin expiration
* CVE-2016-5250: Resource Timing API is storing resources sent by the previous page
* CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
* CVE-2016-5257: Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
Bug fixed:
- Fix for aarch64 Firefox startup crash (bsc#991344)
Patchnames
SUSE-SLE-DESKTOP-12-SP1-2016-1421,SUSE-SLE-SAP-12-2016-1421,SUSE-SLE-SDK-12-SP1-2016-1421,SUSE-SLE-SERVER-12-2016-1421,SUSE-SLE-SERVER-12-SP1-2016-1421
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nMozillaFirefox was updated to version 45.4.0 ESR to fix the following issues:\n\nSecurity issues fixed: (bsc#999701 MFSA 2016-86):\n* CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString\n* CVE-2016-5272: Bad cast in nsImageGeometryMixin\n* CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList\n* CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState\n* CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick\n* CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame\n* CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap\n* CVE-2016-5281: use-after-free in DOMSVGLength\n* CVE-2016-5284: Add-on update site certificate pin expiration\n* CVE-2016-5250: Resource Timing API is storing resources sent by the previous page\n* CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel\n* CVE-2016-5257: Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4\n\nBug fixed:\n- Fix for aarch64 Firefox startup crash (bsc#991344)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-1421,SUSE-SLE-SAP-12-2016-1421,SUSE-SLE-SDK-12-SP1-2016-1421,SUSE-SLE-SERVER-12-2016-1421,SUSE-SLE-SERVER-12-SP1-2016-1421",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2434-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2434-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162434-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2434-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-October/002305.html"
},
{
"category": "self",
"summary": "SUSE Bug 991344",
"url": "https://bugzilla.suse.com/991344"
},
{
"category": "self",
"summary": "SUSE Bug 999701",
"url": "https://bugzilla.suse.com/999701"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5250 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5257 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5261 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5270 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5272 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5274 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5276 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5277 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5278 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5280 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5281 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5284 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5284/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2016-10-04T07:31:16Z",
"generator": {
"date": "2016-10-04T07:31:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2434-1",
"initial_release_date": "2016-10-04T07:31:16Z",
"revision_history": [
{
"date": "2016-10-04T07:31:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"product_id": "MozillaFirefox-devel-45.4.0esr-81.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-45.4.0esr-81.1.ppc64le",
"product": {
"name": "MozillaFirefox-45.4.0esr-81.1.ppc64le",
"product_id": "MozillaFirefox-45.4.0esr-81.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"product_id": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"product": {
"name": "MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"product_id": "MozillaFirefox-devel-45.4.0esr-81.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-45.4.0esr-81.1.s390x",
"product": {
"name": "MozillaFirefox-45.4.0esr-81.1.s390x",
"product_id": "MozillaFirefox-45.4.0esr-81.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"product": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"product_id": "MozillaFirefox-translations-45.4.0esr-81.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"product": {
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"product_id": "MozillaFirefox-45.4.0esr-81.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"product_id": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-45.4.0esr-81.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-45.4.0esr-81.1.x86_64",
"product_id": "MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5250"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 48.0, Firefox ESR \u003c 45.4 and Thunderbird \u003c 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5250",
"url": "https://www.suse.com/security/cve/CVE-2016-5250"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5250",
"url": "https://bugzilla.suse.com/991809"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5250",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "moderate"
}
],
"title": "CVE-2016-5250"
},
{
"cve": "CVE-2016-5257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5257"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird \u003c 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5257",
"url": "https://www.suse.com/security/cve/CVE-2016-5257"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5257",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5257"
},
{
"cve": "CVE-2016-5261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5261"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5261",
"url": "https://www.suse.com/security/cve/CVE-2016-5261"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-5261",
"url": "https://bugzilla.suse.com/991809"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5261",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "moderate"
}
],
"title": "CVE-2016-5261"
},
{
"cve": "CVE-2016-5270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5270"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5270",
"url": "https://www.suse.com/security/cve/CVE-2016-5270"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5270",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5270"
},
{
"cve": "CVE-2016-5272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5272"
}
],
"notes": [
{
"category": "general",
"text": "The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5272",
"url": "https://www.suse.com/security/cve/CVE-2016-5272"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5272",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5272"
},
{
"cve": "CVE-2016-5274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5274"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5274",
"url": "https://www.suse.com/security/cve/CVE-2016-5274"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5274",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5274"
},
{
"cve": "CVE-2016-5276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5276"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5276",
"url": "https://www.suse.com/security/cve/CVE-2016-5276"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5276",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5276"
},
{
"cve": "CVE-2016-5277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5277"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5277",
"url": "https://www.suse.com/security/cve/CVE-2016-5277"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5277",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5277"
},
{
"cve": "CVE-2016-5278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5278"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5278",
"url": "https://www.suse.com/security/cve/CVE-2016-5278"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5278",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5278"
},
{
"cve": "CVE-2016-5280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5280"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via bidirectional text.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5280",
"url": "https://www.suse.com/security/cve/CVE-2016-5280"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5280",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5280"
},
{
"cve": "CVE-2016-5281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5281"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5281",
"url": "https://www.suse.com/security/cve/CVE-2016-5281"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5281",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5281"
},
{
"cve": "CVE-2016-5284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5284"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5284",
"url": "https://www.suse.com/security/cve/CVE-2016-5284"
},
{
"category": "external",
"summary": "SUSE Bug 999701 for CVE-2016-5284",
"url": "https://bugzilla.suse.com/999701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:MozillaFirefox-translations-45.4.0esr-81.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:MozillaFirefox-devel-45.4.0esr-81.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-04T07:31:16Z",
"details": "important"
}
],
"title": "CVE-2016-5284"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…