Lucene search
Ubuntu.comUB:CVE-2016-1974HistoryMar 08, 2016 - 12:00 a.m.
CVE-2016-1974
2016-03-0800:00:00
ubuntu.com
ubuntu.com
15
0.014 Low
EPSS
Percentile
86.6%
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before
45.0 and Firefox ESR 38.x before 38.7 does not verify that memory
allocation succeeds, which allows remote attackers to execute arbitrary
code or cause a denial of service (out-of-bounds read) via crafted Unicode
data in an HTML, XML, or SVG document.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | firefox | < 45.0+build2-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | firefox | < 45.0+build2-0ubuntu0.14.04.1 | UNKNOWN |
| ubuntu | 15.10 | noarch | firefox | < 45.0+build2-0ubuntu0.15.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 1:38.7.2+build1-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | thunderbird | < 1:38.7.2+build1-0ubuntu0.14.04.1 | UNKNOWN |
| ubuntu | 15.10 | noarch | thunderbird | < 1:38.7.2+build1-0ubuntu0.15.10.1 | UNKNOWN |
| ubuntu | 16.04 | noarch | thunderbird | < 1:38.7.2+build1-0ubuntu0.16.04.1 | UNKNOWN |
References
bugzilla.mozilla.org/show_bug.cgi?id=1228103
launchpad.net/bugs/cve/CVE-2016-1974
nvd.nist.gov/vuln/detail/CVE-2016-1974
security-tracker.debian.org/tracker/CVE-2016-1974
ubuntu.com/security/notices/USN-2917-1
ubuntu.com/security/notices/USN-2934-1
www.cve.org/CVERecord?id=CVE-2016-1974
www.mozilla.org/en-US/security/advisories/mfsa2016-34/
Related
mozilla
mozilla
Out-of-bounds read in HTML parser following a failed allocation — Mozilla
2016-03-08 00:00:00
cve
cve
CVE-2016-1974
2016-03-13 18:59:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2016-34) - Linux
2021-11-08 00:00:00
CentOS Update for thunderbird CESA-2016:0460 centos5
2016-03-17 00:00:00
RedHat Update for thunderbird RHSA-2016:0460-01
2016-03-17 00:00:00
debiancve
debiancve
CVE-2016-1974
2016-03-13 18:59:00
cvelist
cvelist
CVE-2016-1974
2016-03-13 18:00:00
prion
prion
Out-of-bounds
2016-03-13 18:59:00
nessus
nessus
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20160316)
2016-03-17 00:00:00
Oracle Linux 6 / 7 : thunderbird (ELSA-2016-0460)
2016-03-17 00:00:00
CentOS 5 / 6 / 7 : thunderbird (CESA-2016:0460)
2016-03-17 00:00:00
redhat
redhat
(RHSA-2016:0460) Important: thunderbird security update
2016-03-16 00:00:00
(RHSA-2016:0373) Critical: firefox security update
2016-03-09 00:00:00
centos
centos
thunderbird security update
2016-03-16 17:52:15
firefox security update
2016-03-09 06:42:15
oraclelinux
oraclelinux
thunderbird security update
2016-03-16 00:00:00
firefox security update
2016-03-09 00:00:00
debian
debian
[SECURITY] [DSA 3520-1] icedove security update
2016-03-18 21:06:26
[SECURITY] [DSA 3510-1] iceweasel security update
2016-03-09 18:28:02
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2016-03-16 21:07:23
Updated firefox packages fix security vulnerabilities
2016-03-10 01:57:53
ubuntu
ubuntu
Thunderbird vulnerabilities
2016-04-27 00:00:00
Firefox regressions
2016-04-19 00:00:00
Firefox vulnerabilities
2016-03-09 00:00:00
archlinux
archlinux
thunderbird: multiple issues
2016-03-20 00:00:00
firefox: multiple issues
2016-03-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2016-03-08 00:00:00
osv
osv
iceweasel - security update
2016-03-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:27:19
Arbitrary Code Execution
2019-05-02 05:27:23
Denial Of Service (DoS)
2019-05-02 05:27:25
suse
suse
Security update for MozillaThunderbird (important)
2016-03-26 17:08:36
Security update for MozillaThunderbird (important)
2016-03-24 15:09:11
Security update for Mozilla Thunderbird (important)
2016-07-11 00:08:02
kaspersky
kaspersky
KLA10765 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2016-03-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00