High severity8.8NVD Advisory· Published Sep 22, 2016· Updated May 6, 2026

CVE-2016-5275

Description

Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.mozilla.org/security/announce/2016/mfsa2016-85.htmlnvdVendor Advisory
bugzilla.mozilla.org/show_bug.cginvdIssue Tracking
www.securityfocus.com/bid/93052nvd
www.securitytracker.com/id/1036852nvd
security.gentoo.org/glsa/201701-15nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000