PT-2016-1447 · Mozilla+1 · Firefox+1

Publicado

2016-03-08

Atualizado

2024-12-12

CVE-2016-1970

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 45.0

Description The issue is caused by an integer underflow in the srtp unprotect function in the WebRTC implementation. This could allow a remote attacker to cause a denial of service, potentially resulting in memory corruption, or have other unspecified impacts.

Recommendations For versions prior to 45.0, update to version 45.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of WebRTC functionality until a patch is applied.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2016-00748

CVE-2016-1970

OPENSUSE-SU-2016_0731-1

OPENSUSE-SU-2016_0733-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:14572-1

Produtos afetados

Firefox

Suse

PT-2016-1447 · Mozilla+1 · Firefox+1

CVE-2016-1970

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2067