CVE-2016-1935

CVSS v3.0 8.8 (High)

CVSS v2.0 9.3 (High)

EPSS 0.63 % (79^th)

Affected Products 5

Advisories 14

Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.

Weaknesses

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2016-01-31 18:59:03
(8 years ago)
Updated Date: 2019-12-27 16:08:55
(4 years ago)

Affected Products

Mozilla

Opensuse

Oracle

Linux

Configuration #1

		CPE23	From	Up To
	Opensuse Leap 42.1	cpe:2.3:o:opensuse:leap:42.1
	Opensuse 13.1	cpe:2.3:o:opensuse:opensuse:13.1
	Opensuse 13.2	cpe:2.3:o:opensuse:opensuse:13.2

Configuration #2

		CPE23	From	Up To
	Oracle Linux 5.0	cpe:2.3:o:oracle:linux:5.0
	Oracle Linux 6	cpe:2.3:o:oracle:linux:6
	Oracle Linux 7	cpe:2.3:o:oracle:linux:7

Configuration #3

		CPE23	From	Up To
	Mozilla Firefox 43.0.4 and prior versions	cpe:2.3:a:mozilla:firefox		<= 43.0.4

Configuration #4

		CPE23	From	Up To
	Mozilla Firefox Esr 38.0	cpe:2.3:a:mozilla:firefox_esr:38.0
	Mozilla Firefox Esr 38.1.0	cpe:2.3:a:mozilla:firefox_esr:38.1.0
	Mozilla Firefox Esr 38.2.0	cpe:2.3:a:mozilla:firefox_esr:38.2.0
	Mozilla Firefox Esr 38.3.0	cpe:2.3:a:mozilla:firefox_esr:38.3.0
	Mozilla Firefox Esr 38.4.0	cpe:2.3:a:mozilla:firefox_esr:38.4.0
	Mozilla Firefox Esr 38.5.0	cpe:2.3:a:mozilla:firefox_esr:38.5.0