CVE-2016-2807

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html

http://rhn.redhat.com/errata/RHSA-2016-0695.html

http://rhn.redhat.com/errata/RHSA-2016-1041.html

http://www.debian.org/security/2016/dsa-3559

http://www.debian.org/security/2016/dsa-3576

http://www.mozilla.org/security/announce/2016/mfsa2016-39.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.securitytracker.com/id/1035692

http://www.ubuntu.com/usn/USN-2936-1

http://www.ubuntu.com/usn/USN-2936-2

http://www.ubuntu.com/usn/USN-2936-3

http://www.ubuntu.com/usn/USN-2973-1

https://bugzilla.mozilla.org/show_bug.cgi?id=1187420

https://bugzilla.mozilla.org/show_bug.cgi?id=1252707

https://bugzilla.mozilla.org/show_bug.cgi?id=1254164

https://bugzilla.mozilla.org/show_bug.cgi?id=1254622

https://bugzilla.mozilla.org/show_bug.cgi?id=1254876

https://security.gentoo.org/glsa/201701-15

Details

Source: MITRE

Published: 2016-04-30

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH