12 Mar 2016

CVE-2016-1966

Publié par . Publié dans Memory corruption

Vulnerability Details :

The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
Publish Date : 2016-03-13 Last Update Date : 2016-03-13

- CVSS Scores & Vulnerability Types

CVSS Score	0.0
Confidentiality Impact	???
Integrity Impact	???
Availability Impact	???
Access Complexity	???
Authentication	???
Gained Access	None
Vulnerability Type(s)	Denial Of ServiceExecute CodeMemory corruption
CWE ID	CWE id is not defined for this vulnerability

- Related OVAL Definitions

Title	Definition Id	Class	Family
RHSA-2016:0373: firefox security update (Critical)	oval:com.redhat.rhsa:def:20160373		unix

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2016-1966

#	Product Type	Vendor	Product	Version	Update	Edition	Language
No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days.