CVE-2016-9894

{"id": "CVE-2016-9894", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-06-11T21:29:01.937", "references": [{"url": "http://www.securityfocus.com/bid/94883", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@mozilla.org"}, {"url": "http://www.securitytracker.com/id/1037461", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@mozilla.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306628", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "http://www.securityfocus.com/bid/94883", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037461", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306628", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1."}, {"lang": "es", "value": "Se ha provocado un desbordamiento de b\u00fafer en SkiaGl cuando se trunca un GrGLBuffer durante la asignaci\u00f3n. Las escrituras posteriores desbordar\u00e1n el b\u00fafer, lo que resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50.1."}], "lastModified": "2024-11-21T03:01:57.713", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D7D13A9-230F-4040-AF9B-EBD07E4ACEEC", "versionEndExcluding": "50.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}