VIR Vulnerability Intelligence Relay

CVE-2016-2815

high
Published 2016-06-13 · Modified 2026-05-06
CVSS v3
8.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2
6.8
VIR risk
8.8

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Predictions

Exploit likelihood
92%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2016-2815

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — http://www.mozilla.org/security/announce/2016/mfsa2016-49.html

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2016-2815.html

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debiansidfixed47.0-1
debian debianbookwormfixed0
debian debianbullseyefixed0
debian debianforkyfixed0
debian debiantrixiefixed0
ubuntu ubuntu12.04affected
ubuntu ubuntu14.04affected
ubuntu ubuntu15.10affected
ubuntu ubuntu16.04affected
suse suse12.0affected
suse suse42.1affected
suse suse13.1affected
suse suse13.2affected

Application impact
VendorProductVersionsFixed
mozilla mozillafirefox{"endIncluding":"45.1.1"}
suse novellsuse_linux_enterprise_software_development_kit12.0

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.