0.052 Low
EPSS
Percentile
93.0%
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
bugzilla.mozilla.org/show_bug.cgi?id=1279814
launchpad.net/bugs/cve/CVE-2016-2838
nvd.nist.gov/vuln/detail/CVE-2016-2838
security-tracker.debian.org/tracker/CVE-2016-2838
ubuntu.com/security/notices/USN-3044-1
www.cve.org/CVERecord?id=CVE-2016-2838
www.mozilla.org/en-US/security/advisories/mfsa2016-64/