CVE-2016-1930

Published: Jan 31, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Affected (13)

Products: Mozilla: Firefox · Oracle: Linux · Opensuse: Leap, Opensuse

1 product

1 product

2 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Up to 43.0.4

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Linux	Version 5.0
Oracle Linux	Version 6
Oracle Linux	Version 7

Configuration C

6 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 38.0
Mozilla Firefox	Version 38.1.0
Mozilla Firefox	Version 38.2.0
Mozilla Firefox	Version 38.3.0
Mozilla Firefox	Version 38.4.0
Mozilla Firefox	Version 38.5.0

Configuration D

3 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 42.1
Opensuse Opensuse	Version 13.1
Opensuse Opensuse	Version 13.2

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (60)

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

Source: security@mozilla.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

Source: security@mozilla.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html

Source: security@mozilla.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html

Source: security@mozilla.org

http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html

Source: security@mozilla.org

http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html

Source: security@mozilla.org

http://rhn.redhat.com/errata/RHSA-2016-0071.html

Source: security@mozilla.org

http://rhn.redhat.com/errata/RHSA-2016-0258.html

Source: security@mozilla.org

http://www.debian.org/security/2016/dsa-3457

Source: security@mozilla.org

http://www.debian.org/security/2016/dsa-3491

Source: security@mozilla.org

http://www.mozilla.org/security/announce/2016/mfsa2016-01.html

Source: security@mozilla.org

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Source: security@mozilla.org

Third Party Advisory

http://www.securityfocus.com/bid/81953

Source: security@mozilla.org

http://www.securitytracker.com/id/1034825

Source: security@mozilla.org

http://www.ubuntu.com/usn/USN-2880-1

Source: security@mozilla.org

http://www.ubuntu.com/usn/USN-2880-2

Source: security@mozilla.org

http://www.ubuntu.com/usn/USN-2904-1

Source: security@mozilla.org

https://bugzilla.mozilla.org/show_bug.cgi?id=1221385

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1223670

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1224200

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1230483

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1230639

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1230668

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1230686

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1233152

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1233346

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1233925

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1234280

Source: security@mozilla.org

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=1234571

Source: security@mozilla.org

Issue Tracking

https://security.gentoo.org/glsa/201605-06

Source: security@mozilla.org

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html