CVE-2016-2838 in Firefoxinfo

Summary

Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/01/2016

Disclosure

08/04/2016

Moderation

VulDB entry created

Entries

VDB-90427 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

8.8

EPSS

0.01155

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-2838
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-2838
CVE Details	https://www.cvedetails.com/cve/CVE-2016-2838/

◂ Previous Overview Next ▸