Bugzilla – Bug 983632
VUL-0: CVE-2016-2832: MozillaFirefox: Information disclosure of disabled plugins through CSS pseudo-classes (MFSA 2016-59)
Last modified: 2020-04-05 18:21:57 UTC
https://www.mozilla.org/en-US/security/advisories/mfsa2016-59/ Mozilla Foundation Security Advisory 2016-59 Information disclosure of disabled plugins through CSS pseudo-classes Announced June 7, 2016 Reporter John Schoenick Impact Moderate Products Firefox Fixed in Firefox 47 Description Mozilla developer John Schoenick reported that CSS pseudo-classes can be used by web content to leak information on plugins that are installed but disabled. This can be used for information disclosure through a fingerprinting attack that lists all of the plugins installed by a user on a system, even when they are disabled.
CVE-2016-2832
bugbot adjusting priority
openSUSE-SU-2016:1552-1: An update that solves 13 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 980384,981695,983549,983632,983638,983639,983640,983643,983644,983646,983649,983651,983652,983653,983655 CVE References: CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2825,CVE-2016-2828,CVE-2016-2829,CVE-2016-2831,CVE-2016-2832,CVE-2016-2833,CVE-2016-2834 Sources used: openSUSE Leap 42.1 (src): MozillaFirefox-47.0-24.1, mozilla-nss-3.23-18.1 openSUSE 13.2 (src): MozillaFirefox-47.0-71.1, mozilla-nss-3.23-34.1
openSUSE-SU-2016:1557-1: An update that solves 14 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 980384,981695,983549,983632,983638,983639,983640,983643,983644,983646,983649,983651,983652,983653,983655 CVE References: CVE-2016-1950,CVE-2016-2815,CVE-2016-2818,CVE-2016-2819,CVE-2016-2821,CVE-2016-2822,CVE-2016-2824,CVE-2016-2825,CVE-2016-2828,CVE-2016-2829,CVE-2016-2831,CVE-2016-2832,CVE-2016-2833,CVE-2016-2834 Sources used: openSUSE 13.1 (src): MozillaFirefox-47.0-116.1, mozilla-nss-3.23-80.1
released