vulnerability
SUSE: CVE-2016-2814: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Apr 30, 2016 | May 4, 2016 | Jun 20, 2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Apr 30, 2016
Added
May 4, 2016
Modified
Jun 20, 2021
Description
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.
Solution(s)
suse-upgrade-libfreebl3suse-upgrade-libfreebl3-32bitsuse-upgrade-libfreebl3-x86suse-upgrade-libsoftokn3suse-upgrade-libsoftokn3-32bitsuse-upgrade-libsoftokn3-x86suse-upgrade-mozilla-nsprsuse-upgrade-mozilla-nspr-32bitsuse-upgrade-mozilla-nspr-develsuse-upgrade-mozilla-nspr-x86suse-upgrade-mozilla-nsssuse-upgrade-mozilla-nss-32bitsuse-upgrade-mozilla-nss-develsuse-upgrade-mozilla-nss-toolssuse-upgrade-mozilla-nss-x86suse-upgrade-mozillafirefoxsuse-upgrade-mozillafirefox-develsuse-upgrade-mozillafirefox-translationssuse-upgrade-mozillafirefox-translations-commonsuse-upgrade-mozillafirefox-translations-other
References
- SUSE-SUSE-SU-2016:1258
- SUSE-SUSE-SU-2016:1258-1
- SUSE-SUSE-SU-2016:1342-1
- SUSE-SUSE-SU-2016:1352
- SUSE-SUSE-SU-2016:1352-1
- SUSE-SUSE-SU-2016:1374
- SUSE-SUSE-SU-2016:1374-1
- REDHAT-RHSA-2016:0695
- DEBIAN-DSA-3559
- SECTRACK-1035692
- UBUNTU-USN-2936-1
- UBUNTU-USN-2936-2
- UBUNTU-USN-2936-3
- GENTOO-GLSA-201701-15
- NVD-CVE-2016-2814
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.