vulnerability

MFSA2016-42 Firefox: Use-after-free and buffer overflow in Service Workers (CVE-2016-2811)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Apr 26, 2016	Apr 27, 2016	Mar 27, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Apr 26, 2016

Added

Apr 27, 2016

Modified

Mar 27, 2026

Description

Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.

Solution

mozilla-firefox-upgrade-46_0

References

CVE-2016-2811
https://attackerkb.com/topics/CVE-2016-2811
EUVD-EUVD-2016-3884
http://www.mozilla.org/security/announce/2016/mfsa2016-42.html
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-3884

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report