CVE-2016-2818

Name: CVE-2016-2818
Creator: NVD / NIST
Published: 2016-06-13T10:59:01.54+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.89%

Last modified Jun 17, 2026

CVE-2016-2818 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.. EPSS estimates a 3.89% chance of exploitation in the next 30 days.

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Metrics

EPSS Probability

3.89%

88.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Mozilla	Firefox	45.1.0
Mozilla	Firefox	45.1.1
Debian	Debian Linux	8.0
Redhat	Enterprise Linux Desktop	5.0
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux For Ibm Z Systems	5.0
Redhat	Enterprise Linux For Ibm Z Systems	6.0
Redhat	Enterprise Linux For Ibm Z Systems	7.0
Redhat	Enterprise Linux For Ibm Z Systems Eus	7.2
Redhat	Enterprise Linux For Power Big Endian	5.0
Redhat	Enterprise Linux For Power Big Endian	6.0
Redhat	Enterprise Linux For Power Big Endian	7.0
Redhat	Enterprise Linux For Power Big Endian Eus	7.2
Redhat	Enterprise Linux For Power Little Endian	7.0
Redhat	Enterprise Linux For Power Little Endian Eus	7.2
Redhat	Enterprise Linux For Scientific Computing	6.0
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.2
Redhat	Enterprise Linux Server Eus	7.2
Redhat	Enterprise Linux Workstation	5.0
Redhat	Enterprise Linux Workstation	6.0
Redhat	Enterprise Linux Workstation	7.0
Mozilla	Firefox	<= 46.0.1
Novell	Suse Linux Enterprise Software Development Kit	12.0
Novell	Suse Package Hub For Suse Linux Enterprise	12
Novell	Suse Linux Enterprise Desktop	12.0
Novell	Suse Linux Enterprise Server	12.0
Opensuse	Leap	42.1
Opensuse	Opensuse	13.1
Opensuse	Opensuse	13.2
Canonical	Ubuntu Linux	12.04
Canonical	Ubuntu Linux	14.04
Canonical	Ubuntu Linux	15.10
Canonical	Ubuntu Linux	16.04

References

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.htmlThird Party Advisory
http://www.debian.org/security/2016/dsa-3600Third Party Advisory
http://www.debian.org/security/2016/dsa-3647
http://www.mozilla.org/security/announce/2016/mfsa2016-49.htmlVendor Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91075
http://www.securitytracker.com/id/1036057Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-2993-1Third Party Advisory
http://www.ubuntu.com/usn/USN-3023-1
https://access.redhat.com/errata/RHSA-2016:1217Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1392Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1234147Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1256493Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1256739Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1256968Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1261230Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1261752Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1263384Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1264575Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1265577Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1267130Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1269729Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1273202Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1273701Issue Tracking, Permissions Required
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.htmlThird Party Advisory
http://www.debian.org/security/2016/dsa-3600Third Party Advisory
http://www.debian.org/security/2016/dsa-3647
http://www.mozilla.org/security/announce/2016/mfsa2016-49.htmlVendor Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91075
http://www.securitytracker.com/id/1036057Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-2993-1Third Party Advisory
http://www.ubuntu.com/usn/USN-3023-1
https://access.redhat.com/errata/RHSA-2016:1217Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1392Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1234147Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1256493Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1256739Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1256968Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1261230Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1261752Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1263384Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1264575Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1265577Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1267130Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1269729Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1273202Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1273701Issue Tracking, Permissions Required

Timeline

Published: Jun 13, 2016
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-2818?

How severe is CVE-2016-2818?

Severity scoring for CVE-2016-2818 is pending analysis. The EPSS model estimates a 3.89% probability of exploitation in the next 30 days.

How do I fix CVE-2016-2818?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-2818?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST