PT-2016-3237 · Mozilla+5 · Firefox Esr+6

Aki Helin

Publicado

2016-01-26

Atualizado

2024-12-12

CVE-2016-1935

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 44.0 Firefox ESR versions prior to 38.6

Description The issue arises from a buffer overflow in the BufferSubData function due to incorrect handling of WebGL content. This can allow remote attackers to execute arbitrary code or cause a denial of service via specially crafted WebGL content.

Recommendations For Mozilla Firefox versions prior to 44.0, update to version 44.0 or later. For Firefox ESR versions prior to 38.6, update to version 38.6 or later.

Correção

RCE

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2016-1057

ALT-PU-2016-1454

BDU:2018-00029

CESA-2016_0071

CESA-2016_0258

CVE-2016-1935

DSA-3457-1

DSA-3491-1

MGASA-2016-0041

MGASA-2016-0078

OPENSUSE-SU-2016_0309-1

OPENSUSE-SU-2016_0310-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:10230-1

OPENSUSE-SU-2024:14572-1

RHSA-2016:0071

RHSA-2016:0258

RHSA-2016_0071

RHSA-2016_0258

SUSE-SU-2016:0334-1

SUSE-SU-2016:0338-1

SUSE-SU-2016:0584-1

USN-2880-1

USN-2880-2

USN-2904-1

Produtos afetados

Alt Linux

Centos

Firefox Esr

Firefox

Red Hat

Suse

Ubuntu

PT-2016-3237 · Mozilla+5 · Firefox Esr+6

CVE-2016-1935

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2164