10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.963 High
EPSS
Percentile
99.5%
Mozilla Foundation reports:
MFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0
/ rv:38.7)
MFSA 2016-17 Local file overwriting and potential
privilege escalation through CSP reports
MFSA 2016-18 CSP reports fail to strip location
information for embedded iframe pages
MFSA 2016-19 Linux video memory DOS with Intel
drivers
MFSA 2016-20 Memory leak in libstagefright when deleting
an array during MP4 processing
MFSA 2016-21 Displayed page address can be overridden
MFSA 2016-22 Service Worker Manager out-of-bounds read in
Service Worker Manager
MFSA 2016-23 Use-after-free in HTML5 string parser
MFSA 2016-24 Use-after-free in SetBody
MFSA 2016-25 Use-after-free when using multiple WebRTC
data channels
MFSA 2016-26 Memory corruption when modifying a file
being read by FileReader
MFSA 2016-27 Use-after-free during XML
transformations
MFSA 2016-28 Addressbar spoofing though history
navigation and Location protocol property
MFSA 2016-29 Same-origin policy violation using
perfomance.getEntries and history navigation with session
restore
MFSA 2016-31 Memory corruption with malicious NPAPI
plugin
MFSA 2016-32 WebRTC and LibVPX vulnerabilities found
through code inspection
MFSA 2016-33 Use-after-free in GetStaticInstance in
WebRTC
MFSA 2016-34 Out-of-bounds read in HTML parser following
a failed allocation
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 45.0,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 45.0,1 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 2.42 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 2.42 | UNKNOWN |
FreeBSD | any | noarch | firefox-esr | < 38.7.0,1 | UNKNOWN |
FreeBSD | any | noarch | libxul | < 38.7.0 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 38.7.0 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 38.7.0 | UNKNOWN |
www.mozilla.org/security/advisories/mfsa2016-16/
www.mozilla.org/security/advisories/mfsa2016-17/
www.mozilla.org/security/advisories/mfsa2016-18/
www.mozilla.org/security/advisories/mfsa2016-19/
www.mozilla.org/security/advisories/mfsa2016-20/
www.mozilla.org/security/advisories/mfsa2016-21/
www.mozilla.org/security/advisories/mfsa2016-22/
www.mozilla.org/security/advisories/mfsa2016-23/
www.mozilla.org/security/advisories/mfsa2016-24/
www.mozilla.org/security/advisories/mfsa2016-25/
www.mozilla.org/security/advisories/mfsa2016-26/
www.mozilla.org/security/advisories/mfsa2016-27/
www.mozilla.org/security/advisories/mfsa2016-28/
www.mozilla.org/security/advisories/mfsa2016-29/
www.mozilla.org/security/advisories/mfsa2016-31/
www.mozilla.org/security/advisories/mfsa2016-32/
www.mozilla.org/security/advisories/mfsa2016-33/
www.mozilla.org/security/advisories/mfsa2016-34/
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.963 High
EPSS
Percentile
99.5%