High severity8.8NVD Advisory· Published Jun 13, 2016· Updated May 6, 2026
CVE-2016-2819
CVE-2016-2819
Description
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.mozilla.org/security/announce/2016/mfsa2016-50.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.htmlnvd
- www.debian.org/security/2016/dsa-3600nvd
- www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlnvd
- www.securityfocus.com/bid/91075nvd
- www.securitytracker.com/id/1036057nvd
- www.ubuntu.com/usn/USN-2993-1nvd
- access.redhat.com/errata/RHSA-2016:1217nvd
- bugzilla.mozilla.org/show_bug.cginvd
- www.exploit-db.com/exploits/44293/nvd
News mentions
0No linked articles in our index yet.