CVE-2016-2814
Published on: 04/30/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:15 PM UTC
Certain versions of Firefox from Mozilla contain the following vulnerability:
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.
- CVE-2016-2814 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 8.8 - HIGH
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
|---|---|---|---|---|
| NETWORK | LOW | NONE | REQUIRED | |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
| UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 6.8 - MEDIUM
| Access Vector ⓘ |
Access Complexity |
Authentication |
|---|---|---|
| NETWORK | MEDIUM | NONE |
| Confidentiality Impact |
Integrity Impact |
Availability Impact |
| PARTIAL | PARTIAL | PARTIAL |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived |
REDHAT RHSA-2016:0695 |
| Mozilla Firefox, Thunderbird: Multiple vulnerabilities (GLSA 201701-15) — Gentoo security | security.gentoo.org text/html |
GENTOO GLSA-201701-15 |
| [security-announce] openSUSE-SU-2016:1211-1: important: Security update | lists.opensuse.org text/html |
SUSE openSUSE-SU-2016:1211 |
| openSUSE-SU-2016:1251-1: moderate: Security update to Firefox 46.0 | lists.opensuse.org text/html |
SUSE openSUSE-SU-2016:1251 |
| USN-2936-2: Oxygen-GTK3 update | Ubuntu | www.ubuntu.com text/html |
UBUNTU USN-2936-2 |
| Buffer overflow in libstagefright with CENC offsets — Mozilla | Vendor Advisory www.mozilla.org text/html |
CONFIRM www.mozilla.org/security/announce/2016/mfsa2016-44.html |
| Oracle Linux Bulletin - April 2016 | www.oracle.com text/html |
CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html |
| USN-2936-1: Firefox vulnerabilities | Ubuntu | www.ubuntu.com text/html |
UBUNTU USN-2936-1 |
| [security-announce] SUSE-SU-2016:1258-1: important: Security update for | lists.opensuse.org text/html |
SUSE SUSE-SU-2016:1258 |
| USN-2936-3: Firefox regression | Ubuntu | www.ubuntu.com text/html |
UBUNTU USN-2936-3 |
| [security-announce] SUSE-SU-2016:1374-1: important: Security update for | lists.opensuse.org text/html |
SUSE SUSE-SU-2016:1374 |
| Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Gain Elevated Privileges, Bypass Security Restrictions, and Obtain Potentially Sensitive Information - SecurityTracker | www.securitytracker.com text/html |
SECTRACK 1035692 |
| Debian -- Security Information -- DSA-3559-1 iceweasel | www.debian.org Depreciated Link text/html |
DEBIAN DSA-3559 |
| 1254721 - (CVE-2016-2814) Crash [@ stagefright::SampleTable::parseSampleCencInfo] with heap buffer overflow in libstagefright. | bugzilla.mozilla.org text/html |
CONFIRM bugzilla.mozilla.org/show_bug.cgi?id=1254721 |
| [security-announce] SUSE-SU-2016:1352-1: important: Security update for | lists.opensuse.org text/html |
SUSE SUSE-SU-2016:1352 |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mozilla | Firefox | 45.0.1 | All | All | All |
| Application | Mozilla | Firefox | 45.0.1 | All | All | All |
| Application | Mozilla | Firefox | All | All | All | All |
| Application | Mozilla | Firefox Esr | 38.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.0.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.0.5 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.1.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.1.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.2.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.2.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.3.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.4.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.5.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.5.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.6.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.6.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.7.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.7.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.0.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.0.5 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.1.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.1.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.2.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.2.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.3.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.4.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.5.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.5.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.6.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.6.1 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.7.0 | All | All | All |
| Application | Mozilla | Firefox Esr | 38.7.1 | All | All | All |
- cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.7.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.7.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.7.0:*:*:*:*:*:*:*:
- cpe:2.3:a:mozilla:firefox_esr:38.7.1:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE