CVE-2016-5296

🗓️ 11 Jun 2018 21:00:00Reported by mozillaType

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash

Reporter	Title	Published	Views	Family All 104
IBM Security Bulletins	Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS	18 Jun 201800:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified.	18 Jun 201800:32	–	ibm
Tenable Nessus	Mozilla Firefox < 50.0 Multiple Vulnerabilities	2 Dec 201600:00	–	nessus
Tenable Nessus	Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities	2 Dec 201600:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : firefox (CESA-2016:2780)	21 Nov 201600:00	–	nessus
Tenable Nessus	Debian DLA-730-1 : firefox-esr security update	2 Dec 201600:00	–	nessus
Tenable Nessus	Debian DLA-752-1 : icedove security update	20 Dec 201600:00	–	nessus
Tenable Nessus	Debian DSA-3716-1 : firefox-esr - security update	17 Nov 201600:00	–	nessus
Tenable Nessus	Debian DSA-3730-1 : icedove - security update	12 Dec 201600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP1 : firefox (EulerOS-SA-2016-1085)	1 May 201700:00	–	nessus

NVD

Vulners

Node

mozilla firefoxRange<45.5.0

mozilla firefoxRange<50.0

mozilla thunderbirdRange<45.5.0

Node

debian debian_linuxMatch8.0

[
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "45.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Firefox ESR",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "45.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "50",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
security	www.security.gentoo.org/glsa/201701-15
mozilla	www.mozilla.org/security/advisories/mfsa2016-90/
debian	www.debian.org/security/2016/dsa-3730
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
rhn	www.rhn.redhat.com/errata/RHSA-2016-2780.html
securityfocus	www.securityfocus.com/bid/94339
mozilla	www.mozilla.org/security/advisories/mfsa2016-93/
securitytracker	www.securitytracker.com/id/1037298
mozilla	www.mozilla.org/security/advisories/mfsa2016-89/

25 Nov 2025 17:50Current

8High risk

Vulners AI Score8

CVSS 25

CVSS 37.5

EPSS0.0257

CWE-119