CVE-2016-9075 log
| Source |
|
| Severity | High |
| Remote | Yes |
| Type | Privilege escalation |
| Description | An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-72 | firefox | 49.0.2-1 | 50.0-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 16 Nov 2016 | ASA-201611-16 | AVG-72 | firefox | Critical | multiple issues |
| References |
|---|
https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/#CVE-2016-9075 |