CVE-2016-1972 — Race Condition in Mozilla Firefox

6 documents5 sources

Severity

8.8HIGHNVD

EPSS

0.6%

top 29.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Debian Libvpx

Timeline

PublishedMar 13

Latest updateMay 17

Description

Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDmozilla/firefox44.0.2

▶debiandebian/libvpx

🔴Vulnerability Details

GHSA

GHSA-cx3x-8cg7-v23q: Race condition in libvpx in Mozilla Firefox before 45↗2022-05-17

▶

📋Vendor Advisories

Red Hat

Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)↗2016-03-08

▶

Debian

CVE-2016-1972: libvpx - Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow r...↗2016

▶

💬Community

Bugzilla

CVE-2016-7031 ceph: RGW permits bucket listing when authenticated_users=read↗2016-09-01

▶

Bugzilla

CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-1976 Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)↗2016-03-08

▶