Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
History

Tue, 22 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:45.1.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
Vendors & Products Mozilla firefox Esr

Mon, 21 Oct 2024 13:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:45.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:45.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:45.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2016-08-05T01:00:00

Updated: 2024-08-05T23:32:21.324Z

Reserved: 2016-03-01T00:00:00

Link: CVE-2016-2838

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-08-05T01:59:04.813

Modified: 2024-11-21T02:48:54.833

Link: CVE-2016-2838

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-08-02T00:00:00Z

Links: CVE-2016-2838 - Bugzilla