vulnerability
FreeBSD: VID-d1853110-07f4-4645-895b-6fd462ad0589 (CVE-2016-5294): mozilla -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:P/A:N) | Nov 16, 2016 | Nov 16, 2016 | Jun 15, 2026 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
Nov 16, 2016
Added
Nov 16, 2016
Modified
Jun 15, 2026
Description
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird less than 45.5, Firefox ESR less than 45.5, and Firefox less than 50.
Solutions
freebsd-upgrade-package-firefoxfreebsd-upgrade-package-seamonkeyfreebsd-upgrade-package-linux-seamonkeyfreebsd-upgrade-package-firefox-esrfreebsd-upgrade-package-linux-firefoxfreebsd-upgrade-package-libxulfreebsd-upgrade-package-thunderbirdfreebsd-upgrade-package-linux-thunderbird
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.