Vulnerability Name:

CVE-2016-1946 (CCN-110196)

Assigned:2016-01-26
Published:2016-01-26
Updated:2018-10-30
Summary:The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-189
CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2016-1946

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0306

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:0309

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2016/mfsa2016-10.html

Source: BID
Type: UNKNOWN
81950

Source: CCN
Type: BID-81950
Mozilla Firefox Memory Corruption and Integer Overflow Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1034825

Source: UBUNTU
Type: UNKNOWN
USN-2880-1

Source: UBUNTU
Type: UNKNOWN
USN-2880-2

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=1232069

Source: XF
Type: UNKNOWN
firefox-cve20161946-code-exec(110196)

Source: CONFIRM
Type: Vendor Advisory
https://hg.mozilla.org/mozilla-central/rev/2a57c0a0cf19

Source: GENTOO
Type: UNKNOWN
GLSA-201605-06

Source: CCN
Type: Mozilla Foundation Security Advisory 2016-10
Unsafe memory manipulation found through code inspection

Vulnerable Configuration:Configuration 1:
  • cpe:/o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 43.0.4)

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:43.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:609
    P
    		Security update for sqlite3 (Moderate) (in QA)
    2022-10-04
    oval:org.opensuse.security:def:720
    P
    		Security update for ucode-intel (Moderate)
    2022-08-31
    oval:org.opensuse.security:def:20161946
    V
    		CVE-2016-1946
    2022-08-07
    oval:org.opensuse.security:def:94882
    P
    		MozillaFirefox-91.8.0-150200.152.26.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:3252
    P
    		MozillaFirefox-91.8.0-150200.152.26.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:1523
    P
    		Security update for MozillaThunderbird (Important)
    2022-06-13
    oval:org.opensuse.security:def:1167
    P
    		Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core (Important)
    2022-05-16
    oval:org.opensuse.security:def:1301
    P
    		Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (Important)
    2022-04-14
    oval:org.opensuse.security:def:1056
    P
    		Security update for yaml-cpp (Moderate)
    2022-04-01
    oval:org.opensuse.security:def:1412
    P
    		Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) (Important)
    2022-02-01
    oval:org.opensuse.security:def:111898
    P
    		MozillaFirefox-50.1.0-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:945
    P
    		Security update for net-snmp (Important)
    2022-01-11
    oval:org.opensuse.security:def:70030
    P
    		Security update for xorg-x11-server (Important)
    2021-12-21
    oval:org.opensuse.security:def:93994
    P
    		 (Important)
    2021-12-06
    oval:org.opensuse.security:def:1639
    P
    		Security update for squid (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:105475
    P
    		MozillaFirefox-50.1.0-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:71207
    P
    		hardlink-1.0+git.e66999f-1.25 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:69925
    P
    		Security update for ffmpeg (Important)
    2021-09-02
    oval:org.opensuse.security:def:48045
    P
    		ibus-chewing-1.4.14-4.11 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47570
    P
    		bzip2-1.0.6-29.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47131
    P
    		ppc64-diag-2.7.1-5.6 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48191
    P
    		libsmi-0.4.8-18.55 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47794
    P
    		libtasn1-4.9-3.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47266
    P
    		glib2-lang-2.48.2-10.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48287
    P
    		python-pywbem-0.7.0-4.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48156
    P
    		libnetpbm11-10.66.3-8.7.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47591
    P
    		dbus-1-1.8.22-29.10.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47242
    P
    		dosfstools-3.0.26-6.5 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48302
    P
    		sane-backends-1.0.24-3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47831
    P
    		mutt-1.10.1-55.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47377
    P
    		libmpfr4-3.1.2-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47130
    P
    		powerpc-utils-1.3.2-17.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48129
    P
    		libjansson4-2.12-3.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47702
    P
    		libecpg6-10.5-1.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47145
    P
    		rpcbind-0.2.3-21.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48256
    P
    		pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47942
    P
    		aaa_base-13.2+git20140911.61c1681-38.13.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47459
    P
    		pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47241
    P
    		dnsmasq-2.76-17.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48358
    P
    		zypper-1.13.51-21.26.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48240
    P
    		memcached-1.4.39-4.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47683
    P
    		libXrender1-0.9.8-7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47256
    P
    		freeradius-server-3.0.14-1.8 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:72447
    P
    		MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62728
    P
    		MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101134
    P
    		MozillaFirefox-78.10.0-8.38.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:49443
    P
    		Security update for nodejs10 (Important)
    2021-07-14
    oval:org.opensuse.security:def:48469
    P
    		libXinerama1-1.1.3-3.54 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:71094
    P
    		rpcbind-0.2.3-3.22 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48398
    P
    		cyrus-sasl-2.1.26-7.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48367
    P
    		apache-commons-httpclient-3.1-4.364 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:64507
    P
    		Security update for hivex (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:67754
    P
    		Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)
    2021-04-28
    oval:org.opensuse.security:def:100707
    P
    		 (Important)
    2021-02-17
    oval:org.opensuse.security:def:72331
    P
    		MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107373
    P
    		MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62612
    P
    		MozillaFirefox-68.8.0-3.87.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72109
    P
    		MozillaFirefox-52.7.3-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62390
    P
    		MozillaFirefox-52.7.3-1.35 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:89851
    P
    		MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72220
    P
    		MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:103506
    P
    		MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62501
    P
    		MozillaFirefox-60.6.2-3.32.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:73365
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49386
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49554
    P
    		libjbig2-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66674
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49497
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64420
    P
    		opensc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73247
    P
    		libxcb-composite0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:67854
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49332
    P
    		socat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49608
    P
    		MozillaFirefox on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66582
    P
    		pam on GA media (Moderate)
    2020-12-01
    oval:com.ubuntu.precise:def:20161946000
    V
    		CVE-2016-1946 on Ubuntu 12.04 LTS (precise) - medium.
    2016-01-31
    oval:com.ubuntu.trusty:def:20161946000
    V
    		CVE-2016-1946 on Ubuntu 14.04 LTS (trusty) - medium.
    2016-01-31
    BACK
    opensuse leap 42.1
    opensuse opensuse 13.1
    opensuse opensuse 13.2
    mozilla firefox *
    mozilla firefox 43.0