Lucene search

[email protected]CVE-2016-1953

HistoryMar 13, 2016 - 6:59 p.m.

CVE-2016-1953

2016-03-1318:59:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-1953

mozilla firefox

remote attackers

denial of service

arbitrary code

browser engine

memory corruption

application crash

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.

Affected configurations

NVD

Node

mozillafirefoxRange≤44.0.2

mozillafirefox_esrMatch38.0

mozillafirefox_esrMatch38.0.1

mozillafirefox_esrMatch38.0.5

mozillafirefox_esrMatch38.1.0

mozillafirefox_esrMatch38.1.1

mozillafirefox_esrMatch38.2.0

mozillafirefox_esrMatch38.2.1

mozillafirefox_esrMatch38.3.0

mozillafirefox_esrMatch38.4.0

mozillafirefox_esrMatch38.5.0

mozillafirefox_esrMatch38.5.1

mozillafirefox_esrMatch38.6.0

mozillafirefox_esrMatch38.6.1

mozillathunderbirdRange≤38.6.0

Node

novellsuse_package_hub_for_suse_linux_enterpriseMatch12

opensuseleapMatch42.1

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle44.0.2
mozilla:firefox_esrmozilla firefox esreq38.0
mozilla:firefox_esrmozilla firefox esreq38.0.1
mozilla:firefox_esrmozilla firefox esreq38.0.5
mozilla:firefox_esrmozilla firefox esreq38.1.0
mozilla:firefox_esrmozilla firefox esreq38.1.1
mozilla:firefox_esrmozilla firefox esreq38.2.0
mozilla:firefox_esrmozilla firefox esreq38.2.1
mozilla:firefox_esrmozilla firefox esreq38.3.0
mozilla:firefox_esrmozilla firefox esreq38.4.0

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	44.0.2
mozilla:firefox_esr	mozilla firefox esr	eq	38.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.0.1
mozilla:firefox_esr	mozilla firefox esr	eq	38.0.5
mozilla:firefox_esr	mozilla firefox esr	eq	38.1.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.1.1
mozilla:firefox_esr	mozilla firefox esr	eq	38.2.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.2.1
mozilla:firefox_esr	mozilla firefox esr	eq	38.3.0
mozilla:firefox_esr	mozilla firefox esr	eq	38.4.0

Rows per page:

1-10 of 151

References

lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

www.mozilla.org/security/announce/2016/mfsa2016-16.html

www.securitytracker.com/id/1035215

www.ubuntu.com/usn/USN-2917-1

www.ubuntu.com/usn/USN-2917-2

www.ubuntu.com/usn/USN-2917-3

bugzilla.mozilla.org/show_bug.cgi?id=1199171

bugzilla.mozilla.org/show_bug.cgi?id=1205163

bugzilla.mozilla.org/show_bug.cgi?id=1207958

bugzilla.mozilla.org/show_bug.cgi?id=1224361

bugzilla.mozilla.org/show_bug.cgi?id=1224363

bugzilla.mozilla.org/show_bug.cgi?id=1224369

bugzilla.mozilla.org/show_bug.cgi?id=1225618

bugzilla.mozilla.org/show_bug.cgi?id=1234425

bugzilla.mozilla.org/show_bug.cgi?id=1236519

bugzilla.mozilla.org/show_bug.cgi?id=1238558

bugzilla.mozilla.org/show_bug.cgi?id=1238935

bugzilla.mozilla.org/show_bug.cgi?id=1241731

bugzilla.mozilla.org/show_bug.cgi?id=1243555

bugzilla.mozilla.org/show_bug.cgi?id=1243583

bugzilla.mozilla.org/show_bug.cgi?id=1245866

bugzilla.mozilla.org/show_bug.cgi?id=1247236

bugzilla.mozilla.org/show_bug.cgi?id=1248794

security.gentoo.org/glsa/201605-06

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2016-1953

debiancve1 prion1 nvd1 cvelist1 ubuntucve1 mozilla1 openvas19 nessus17 freebsd1 archlinux2 suse9 ubuntu3 kaspersky1 gentoo1