CVE-2016-2818

EPSS 0.59%
Veröffentlicht 13.06.2016 10:59:01
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle security@mozilla.org
Teams Watchlist Login
Unerledigt Login

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 33

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version45.1.0

Mozilla ≫ Firefox Version45.1.1

Debian ≫ Debian Linux Version8.0

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux For Ibm Z Systems Version5.0

Redhat ≫ Enterprise Linux For Ibm Z Systems Version6.0

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.0

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version7.2

Redhat ≫ Enterprise Linux For Power Big Endian Version5.0

Redhat ≫ Enterprise Linux For Power Big Endian Version6.0

Redhat ≫ Enterprise Linux For Power Big Endian Version7.0

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.2

Redhat ≫ Enterprise Linux For Power Little Endian Version7.0

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version7.2

Redhat ≫ Enterprise Linux For Scientific Computing Version6.0

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version7.2

Redhat ≫ Enterprise Linux Server Eus Version7.2

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Redhat ≫ Enterprise Linux Workstation Version7.0

Mozilla ≫ Firefox Version <= 46.0.1

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0

Novell ≫ Suse Linux Enterprise Software Development Kit Version12.0 Updatesp1

Novell ≫ Suse Package Hub For Suse Linux Enterprise Version12

Novell ≫ Suse Linux Enterprise Desktop Version12.0

Novell ≫ Suse Linux Enterprise Desktop Version12.0 Updatesp1

Novell ≫ Suse Linux Enterprise Server Version12.0

Novell ≫ Suse Linux Enterprise Server Version12.0 Updatesp1

Opensuse ≫ Leap Version42.1

Opensuse ≫ Opensuse Version13.1

Opensuse ≫ Opensuse Version13.2

Canonical ≫ Ubuntu Linux Version12.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version15.10

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.59%	0.685

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html

Third Party Advisory