CVE-2016-2815

Loading...

General

Score:6.8/10.0
Severity:Medium
Category:Buffer Error
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2824, CVE-2016-2825, CVE-2016-2828, CVE-2016-2829, CVE-2016-2830, CVE-2016-2831, CVE-2016-2832, CVE-2016-2833, CVE-2016-2834, CVE-2016-2835, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-2839, CVE-2016-5252, CVE-2016-5254, CVE-2016-5258, CVE-2016-5259, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-6354

Published on 13/06/16 - Updated on 28/11/16

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2016-2815
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2016-AVI-193
Arch Linux ASA-201606-7, ASA-201607-4
Mozilla MFSA2016-49
SUSE SUSE-SU-2016:1691, SUSE-SU-2016:1799, SUSE-SU-2016:2061
Ubuntu USN-2993-1

Exploits

SecurityFocusBID-91075

Relative technologies

VendorProduct
canonicalubuntu_linux
mozillafirefox
mozillafirefox_esr
novellleap
novellopensuse
novellsuse_linux_enterprise_desktop
novellsuse_linux_enterprise_server
novellsuse_linux_enterprise_software_development_kit

Share this vulnerability with:

Twitter Facebook LinkedIn Mail