Denial of Service Vulnerability in Mozilla Firefox on Linux
CVE-2016-2839 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.