Arbitrary Code Execution via SVG Document in Mozilla Firefox
CVE-2016-2838 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
Learn more about our Cis Benchmark Audit For Mozilla Firefox.