A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Firefox could be made to crash or run programs as your login if it
opened a malicious website.
- firefox: Mozilla Open Source web browser
USN-4637-1 fixed vulnerabilities in Firefox. This update provides the
corresponding updates for Ubuntu 16.04 LTS.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across origins, bypass security restrictions, conduct phishing
attacks, conduct cross-site scripting (XSS) attacks, bypass Content
Security Policy (CSP) restrictions, conduct DNS rebinding attacks, or
execute arbitrary code.
The problem can be corrected by updating your system to the following