CVE-2016-2805

Published Apr 30, 2016

Last updated 4 months ago

CVSS high 8.8

Overview

Description: Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Source: security@mozilla.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35BF0AFB-26BA-4BEA-B6B8-11CF88E951DE"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F007CC6-9391-4E1C-A747-F3DE5E572FA5"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45E9641F-430C-4B3A-BD63-EC13DBD3D1E4"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1343A1FD-98CF-4A6C-A697-1253E538FD5C"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D098567-B55E-4EAC-8FAA-31FAFDD4058F"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE0389BC-D295-4957-8AE7-EDAC770F596D"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E75E69A5-AC94-4F35-9EFB-1BFF8B78210D"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2765E663-C9CF-476A-B7A8-6F02D0E2D72D"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62B4E871-0ACB-4EC5-8392-EAD0DF25E64B"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "435D6EF5-C879-4121-9D47-EF2236E53409"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5963D11-D2F4-40A7-81CE-E034C91FCCBD"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FB022A7-B792-4AC0-B2CF-AF6F384AE719"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AD923B9-A845-4D1E-A59F-2A0D3D01E4D3"
          },
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADBAD0F4-42B5-4A0A-BB0D-08F92C9DF238"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References