OpenSUSE Linux update for Mozilla Firefox
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2016-5287 CVE-2016-5288 |
| CWE-ID | CWE-416 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Mozilla Firefox Client/Desktop applications / Web browsers |
| Vendor | Mozilla |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Arbitrary code execution
EUVDB-ID: #VU1040
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-5287
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to insufficient input validation. By tricking the victim to download a specially crafted content, attackers can trigger a use-after-free memory error in nsTArray_base::SwapArrayElements() and execute arbitrary code.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Update the affected packages.
Mozilla Firefox: 49.0 - 49.0a2
CPE2.3- cpe:2.3:a:mozilla:mozilla_firefox:49.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_firefox:49.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_firefox:49.0:b1:*:*:*:*:*:*
http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00015.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU1041
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-5288
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to access potentially sensitive information on the target system.
The weakness is due to insufficient input validation. By tricking the victim to download a specially crafted content, attackers can view potentially sensitive URL and page content from the HTTP cache.
Successful exploitation of the vulnerability results in disclosure of important data on the vulnerable system.
Update the affected packages.
Mozilla Firefox: 48.0 - 49.0a2
CPE2.3- cpe:2.3:a:mozilla:mozilla_firefox:49.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_firefox:49.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_firefox:49.0:b1:*:*:*:*:*:*
http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00015.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
