Lucene search

[email protected]CVE-2016-1930

HistoryJan 31, 2016 - 6:59 p.m.

CVE-2016-1930

2016-01-3118:59:00

CWE-119

[email protected]

web.nvd.nist.gov

mozilla firefox

cve-2016-1930

remote attackers

denial of service

arbitrary code

browser engine

memory corruption

application crash

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.7%

JSON

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle43.0.4
oracle:linuxoracle linuxeq5.0
oracle:linuxoracle linuxeq6
oracle:linuxoracle linuxeq7
mozilla:firefox_esrmozilla firefox esreq38.0
mozilla:firefox_esrmozilla firefox esreq38.1.0
mozilla:firefox_esrmozilla firefox esreq38.2.0
mozilla:firefox_esrmozilla firefox esreq38.4.0
mozilla:firefox_esrmozilla firefox esreq38.3.0
mozilla:firefox_esrmozilla firefox esreq38.5.0

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	43.0.4
oracle:linux	oracle linux	eq	5.0
oracle:linux	oracle linux	eq	6
oracle:linux	oracle linux	eq	7
mozilla:firefox_esr	mozilla firefox esr	eq	38.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.1.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.2.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.4.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.3.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.5.0