CVE-2016-2828
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-2828
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2828.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-2828
- Related
- Published
- 2016-06-13T10:59:10Z
- Modified
- 2024-11-21T02:48:53Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
- References
-
- http://www.debian.org/security/2016/dsa-3600
- http://www.mozilla.org/security/announce/2016/mfsa2016-56.html
- http://www.ubuntu.com/usn/USN-2993-1
- https://access.redhat.com/errata/RHSA-2016:1217
- https://bugzilla.mozilla.org/show_bug.cgi?id=1223810
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securityfocus.com/bid/91075
- http://www.securitytracker.com/id/1036057
- https://security-tracker.debian.org/tracker/CVE-2016-2828
Affected packages
Debian:11 / firefox-esr
Package
- Name
- firefox-esr
- Purl
- pkg:deb/debian/firefox-esr?arch=source
Debian:12 / firefox-esr
Package
- Name
- firefox-esr
- Purl
- pkg:deb/debian/firefox-esr?arch=source
Debian:13 / firefox-esr
Package
- Name
- firefox-esr
- Purl
- pkg:deb/debian/firefox-esr?arch=source