Denial of Service Vulnerability in Mozilla Firefox on Linux

Denial of Service Vulnerability in Mozilla Firefox on Linux

CVE-2016-2839 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.