Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5261

Опубликовано: 20 сент. 2016
Источник: redhat
CVSS3: 8.8
CVSS2: 5.1
EPSS Низкий

Описание

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5thunderbirdNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 5firefoxFixedRHSA-2016:191221.09.2016
Red Hat Enterprise Linux 6firefoxFixedRHSA-2016:191221.09.2016
Red Hat Enterprise Linux 7firefoxFixedRHSA-2016:191221.09.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=1361986Mozilla: Integer overflow and memory corruption in WebSocketChannel (MFSA 2016-75, MFSA 2016-86)

EPSS

Процентиль: 77%
0.01136
Низкий

8.8 High

CVSS3

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5261

CVSS3: 8.8
ubuntu
почти 9 лет назад

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.

nvd логотип

CVE-2016-5261

CVSS3: 8.8
nvd
почти 9 лет назад

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.

debian логотип

CVE-2016-5261

CVSS3: 8.8
debian
почти 9 лет назад

Integer overflow in the WebSocketChannel class in the WebSockets subsy ...

github логотип

GHSA-jrqh-qj76-c265

CVSS3: 8.8
github
около 3 лет назад

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.

fstec логотип

BDU:2016-01915

fstec
почти 9 лет назад

Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

EPSS

Процентиль: 77%
0.01136
Низкий

8.8 High

CVSS3

5.1 Medium

CVSS2