CVE-2016-5278
CVSS v3.0
8.8 (High)
CVSS v2.0
6.8 (Medium)
EPSS
5.19 % (93th)
Affected Products
2
Advisories
14
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.
Weaknesses
- CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2016-09-22 22:59:12
(8 years ago) - Updated Date
-
2018-06-12 01:29:01
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...