CVE-2016-1935
published 2016-01-31CVE-2016-1935: Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | <= 43.0.4 | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 0 < 44.0.1+build2-0ubuntu0.14.04.1 | 44.0.1+build2-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 44.0+build3-0ubuntu0.14.04.1 | 44.0+build3-0ubuntu0.14.04.1 |
| mozilla | thunderbird | >= 0 < 1:38.6.0+build1-0ubuntu0.14.04.1 | 1:38.6.0+build1-0ubuntu0.14.04.1 |
| opensuse | leap | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| oracle | linux | — | — |
| oracle | linux | — | — |
| oracle | linux | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv9.8CRITICAL