Published: 31/01/2016 Updated: 30/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The nsZipArchive function in Mozilla Firefox prior to 44.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 43.0.4
opensuse opensuse 13.2
opensuse opensuse 13.1
opensuse leap 42.1

USN-2880-1 introduced a regression in Firefox ...

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Mozilla Foundation Security Advisory 2016-10 Unsafe memory manipulation found through code inspection Announced January 26, 2016 Reporter Ronald Crane Impact Critical Products Firefox Fixed in ...

The nsZipArchive function in Mozilla Firefox before 440 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive ...

NVD-CWE-noinfo https://bugzilla.mozilla.org/show_bug.cgi?id=1214782 http://www.mozilla.org/security/announce/2016/mfsa2016-10.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html http://www.securityfocus.com/bid/81950 https://security.gentoo.org/glsa/201605-06 http://www.ubuntu.com/usn/USN-2880-1 http://www.ubuntu.com/usn/USN-2880-2 http://www.securitytracker.com/id/1034825 https://nvd.nist.gov https://usn.ubuntu.com/2880-2/

CVE-2016-1945

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect