Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2016-2806

Disclosure Date: April 30, 2016 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

debian,
mozilla,
opensuse,
suse

Products

debian linux 8.0,
firefox,
firefox 45.0.1,
leap 42.1,
linux enterprise 12.0,
opensuse 13.1,
opensuse 13.2

References

Canonical

CVE-2016-2806 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806)

Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=1253099

https://bugzilla.mozilla.org/show_bug.cgi?id=1242810

http://www.mozilla.org/security/announce/2016/mfsa2016-39.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1242668

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://rhn.redhat.com/errata/RHSA-2016-0695.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1231919

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1258231

SECTRACK-1035692 (http://www.securitytracker.com/id/1035692)

https://bugzilla.mozilla.org/show_bug.cgi?id=1255949

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1254122

http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html

https://bugzilla.mozilla.org/show_bug.cgi?id=1260439

USN-2936-2 (http://www.ubuntu.com/usn/USN-2936-2)

https://bugzilla.mozilla.org/show_bug.cgi?id=1212328

https://bugzilla.mozilla.org/show_bug.cgi?id=1238592

DSA-3601 (http://www.debian.org/security/2016/dsa-3601)

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

GLSA-201701-15 (https://security.gentoo.org/glsa/201701-15)

https://bugzilla.mozilla.org/show_bug.cgi?id=1256065

https://bugzilla.mozilla.org/show_bug.cgi?id=1228882

USN-2936-1 (http://www.ubuntu.com/usn/USN-2936-1)

USN-2936-3 (http://www.ubuntu.com/usn/USN-2936-3)

https://bugzilla.mozilla.org/show_bug.cgi?id=1251922

Rapid7

Technical Analysis