Lucene search

K

MozillaCVELIST:CVE-2016-2838

HistoryAug 05, 2016 - 1:00 a.m.

CVE-2016-2838

2016-08-0501:00:00

mozilla

www.cve.org

8

AI Score

9.6

Confidence

High

EPSS

0.053

Percentile

93.2%

Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.

References

lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html

rhn.redhat.com/errata/RHSA-2016-1551.html

www.debian.org/security/2016/dsa-3640

www.mozilla.org/security/announce/2016/mfsa2016-64.html

www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

www.securityfocus.com/bid/92261

www.securitytracker.com/id/1036508

www.ubuntu.com/usn/USN-3044-1

bugzilla.mozilla.org/show_bug.cgi?id=1279814

security.gentoo.org/glsa/201701-15

AI Score

9.6

Confidence

High

EPSS

0.053

Percentile

93.2%

Related for CVELIST:CVE-2016-2838

redhatcve1 nvd1 debiancve1 openvas19 prion1 ubuntucve1 veracode1 mozilla1 cve1 debian2 osv3 nessus20 ibm2 redhat1 centos1 mageia1 oraclelinux1 suse5 archlinux1 ubuntu1 freebsd1 kaspersky1 gentoo1