Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceCVE-2016-5257

CVE-2016-5257

CRITICAL9.8

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49

Published Sep 22, 2016

Modified 1 years ago

Details

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

http://rhn.redhat.com/errata/RHSA-2016-1912.html

http://rhn.redhat.com/errata/RHSA-2016-1985.html

http://www.debian.org/security/2016/dsa-3674

http://www.debian.org/security/2016/dsa-3690

http://www.mozilla.org/security/announce/2016/mfsa2016-85.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

http://www.securityfocus.com/bid/93049

http://www.securitytracker.com/id/1036852

https://bugzilla.mozilla.org/show_bug.cgi?id=1277213

https://bugzilla.mozilla.org/show_bug.cgi?id=1287204

https://bugzilla.mozilla.org/show_bug.cgi?id=1288555

https://bugzilla.mozilla.org/show_bug.cgi?id=1288588

https://bugzilla.mozilla.org/show_bug.cgi?id=1288780

https://bugzilla.mozilla.org/show_bug.cgi?id=1289280

https://bugzilla.mozilla.org/show_bug.cgi?id=1293347

https://bugzilla.mozilla.org/show_bug.cgi?id=1294095

https://bugzilla.mozilla.org/show_bug.cgi?id=1294407

https://security.gentoo.org/glsa/201701-15

https://www.cve.org/CVERecord?id=CVE-2016-5257

https://www.mozilla.org/security/advisories/mfsa2016-86/

https://www.mozilla.org/security/advisories/mfsa2016-88/

CVSS Analysis

CVSS v3.0

9.8

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedSep 22, 2016

ModifiedAug 6, 2024

CVE-2016-5257 | Mondoo Vulnerability Intelligence