CVE Vulnerabilities

CVE-2016-2811

Published: Apr 30, 2016 | Modified: Jul 01, 2017
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
5.1 IMPORTANT
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * 45.0.2 (including)
Firefox Ubuntu devel *
Firefox Ubuntu precise *
Firefox Ubuntu trusty *
Firefox Ubuntu upstream *
Firefox Ubuntu wily *
Firefox Ubuntu xenial *

References