CVE-2016-9896

Опубликовано: 11 июн. 2018

Источник: debian

EPSS Низкий

Описание

Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
firefox	fixed	50.1.0-1		package
firefox-esr	not-affected			package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9896

EPSS

Процентиль: 81%

0.01539

Низкий

Связанные уязвимости

CVE-2016-9896

CVSS3: 8.1

ubuntu

больше 7 лет назад

Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.

CVE-2016-9896

CVSS3: 8.1

nvd

больше 7 лет назад

Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.

GHSA-r97x-58x3-7qgg

CVSS3: 8.1

github

больше 3 лет назад

Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.

openSUSE-SU-2016:3184-1

suse-cvrf

около 9 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 81%

0.01539

Низкий