VYPR
Medium severity6.3NVD Advisory· Published Aug 5, 2016· Updated Jun 17, 2026

CVE-2016-2837

CVE-2016-2837

Description

Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

33

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.