CVE-2016-1973Race Condition in Mozilla Firefox

9 documents8 sources
Severity
8.8HIGHNVD
EPSS
1.0%
top 22.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxOracle Linux
Timeline
PublishedMar 13
Latest updateMay 13

Description

Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDmozilla/firefox44.0.2
NVDoracle/linux5.0, 6, 7+2

🔴Vulnerability Details

3
GHSA
GHSA-rx9c-3qcp-h267: Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 452022-05-13
OSV
CVE-2016-1973: Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 452016-03-13
CVEList
CVE-2016-1973: Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 452016-03-13

📋Vendor Advisories

3
Ubuntu
Firefox vulnerabilities2016-03-09
Red Hat
Mozilla: Use-after-free in GetStaticInstance in WebRTC (MFSA 2016-33)2016-03-08
Debian
CVE-2016-1973: firefox - Race condition in the GetStaticInstance function in the WebRTC implementation in...2016

💬Community

2
Bugzilla
CVE-2016-7031 ceph: RGW permits bucket listing when authenticated_users=read2016-09-01
Bugzilla
CVE-2016-1973 Mozilla: Use-after-free in GetStaticInstance in WebRTC (MFSA 2016-33)2016-03-08
CVE-2016-1973 — Race Condition in Mozilla Firefox | cvebase