CVE-2016-2807Improper Restriction of Operations within the Bounds of a Memory Buffer in Mozilla Firefox

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents8 sources
Severity
8.8HIGHNVD
OSV6.5
EPSS
1.8%
top 17.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Mozilla ThunderbirdMozilla FirefoxOpensuse Leap+2 more
Timeline
PublishedApr 30
Latest updateMay 14

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

NVDmozilla/firefox45.0.2+16
Ubuntumozilla/thunderbird< 1:38.8.0+build1-0ubuntu0.14.04.1+1
NVDopensuse/leap42.1
NVDopensuse/opensuse13.1, 13.2+1

Also affects: Linux Enterprise 12.0

🔴Vulnerability Details

6
GHSA
GHSA-w36j-5cvw-5rr3: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 462022-05-14
OSV
thunderbird vulnerabilities2016-05-19
OSV
firefox regression2016-05-19
OSV
CVE-2016-2807: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 462016-04-30
CVEList
CVE-2016-2807: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 462016-04-30

📋Vendor Advisories

4
Ubuntu
Thunderbird vulnerabilities2016-05-19
Ubuntu
Firefox vulnerabilities2016-04-27
Red Hat
Mozilla: Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) (MFSA 2016-39)2016-04-26
Debian
CVE-2016-2807: firefox - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox be...2016

💬Community

1
Bugzilla
CVE-2016-2807 Mozilla: Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) (MFSA 2016-39)2016-04-25
CVE-2016-2807 — Mozilla Firefox vulnerability | cvebase