CVE-2016-5252

CWE-119Buffer Overflow8 documents8 sources
Severity
8.8HIGH
EPSS
1.5%
top 19.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxOracle Linux
Timeline
PublishedAug 5
Latest updateMay 13

Description

Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

NVDmozilla/firefox47.0.1+4
Debianfirefox-esr< 45.3.0esr-1+3
NVDoracle/linux5.0, 6, 7+2

🔴Vulnerability Details

3
GHSA
GHSA-8vhf-hgr9-gmr5: Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 482022-05-13
OSV
CVE-2016-5252: Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 482016-08-05
CVEList
CVE-2016-5252: Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 482016-08-05

📋Vendor Advisories

3
Ubuntu
Firefox vulnerabilities2016-08-05
Red Hat
Mozilla: Stack underflow during 2D graphics rendering (MFSA 2016-67)2016-08-02
Debian
CVE-2016-5252: firefox - Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozill...2016

💬Community

1
Bugzilla
CVE-2016-5252 Mozilla: Stack underflow during 2D graphics rendering (MFSA 2016-67)2016-08-01
CVE-2016-5252 (HIGH CVSS 8.8) | Stack-based buffer underflow in the | cvebase.io