What is the severity of CVE-2016-2814?

CVE-2016-2814 is classified as a critical vulnerability due to its potential to allow remote code execution.

How do I fix CVE-2016-2814?

To fix CVE-2016-2814, update your Firefox browser to version 46.0 or later.

What versions of Firefox are affected by CVE-2016-2814?

CVE-2016-2814 affects Mozilla Firefox versions before 46.0 and Firefox ESR versions before 38.8 and 45.1.

Can CVE-2016-2814 be exploited remotely?

Yes, CVE-2016-2814 can be exploited remotely via crafted CENC offsets.

What impact does CVE-2016-2814 have on users?

CVE-2016-2814 can lead to arbitrary code execution, which may compromise user data and system integrity.

Vulnerability/
CVE-2016-2814

high

8.8

CWE

119

30/4/2016

22/10/2024

CVE-2016-2814: Buffer Overflow

First published: Sat Apr 30 2016(Updated: )

Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.

Credit: security@mozilla.org security@mozilla.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	<=45.0.2
Mozilla Firefox	=45.0.1
Mozilla Firefox ESR	=38.0
Mozilla Firefox ESR	=38.0.1
Mozilla Firefox ESR	=38.0.5
Mozilla Firefox ESR	=38.1.0
Mozilla Firefox ESR	=38.1.1
Mozilla Firefox ESR	=38.2.0
Mozilla Firefox ESR	=38.2.1
Mozilla Firefox ESR	=38.3.0
Mozilla Firefox ESR	=38.4.0
Mozilla Firefox ESR	=38.5.0
Mozilla Firefox ESR	=38.5.1
Mozilla Firefox ESR	=38.6.0
Mozilla Firefox ESR	=38.6.1
Mozilla Firefox ESR	=38.7.0
Mozilla Firefox ESR	=38.7.1
Mozilla Firefox	=38.0
Mozilla Firefox	=38.0.1
Mozilla Firefox	=38.0.5
Mozilla Firefox	=38.1.0
Mozilla Firefox	=38.1.1
Mozilla Firefox	=38.2.0
Mozilla Firefox	=38.2.1
Mozilla Firefox	=38.3.0
Mozilla Firefox	=38.4.0
Mozilla Firefox	=38.5.0
Mozilla Firefox	=38.5.1
Mozilla Firefox	=38.6.0
Mozilla Firefox	=38.6.1
Mozilla Firefox	=38.7.0
Mozilla Firefox	=38.7.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-2814?
CVE-2016-2814 is classified as a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2016-2814?
To fix CVE-2016-2814, update your Firefox browser to version 46.0 or later.
What versions of Firefox are affected by CVE-2016-2814?
CVE-2016-2814 affects Mozilla Firefox versions before 46.0 and Firefox ESR versions before 38.8 and 45.1.
Can CVE-2016-2814 be exploited remotely?
Yes, CVE-2016-2814 can be exploited remotely via crafted CENC offsets.
What impact does CVE-2016-2814 have on users?
CVE-2016-2814 can lead to arbitrary code execution, which may compromise user data and system integrity.

agent/type
collector/nvd-index
agent/software-canonical-lookup-request
agent/references
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/event
agent/author
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/source
vendor/mozilla
canonical/mozilla firefox
version/mozilla firefox/45.0.2
version/mozilla firefox/45.0.1
canonical/mozilla firefox esr
version/mozilla firefox esr/38.0
version/mozilla firefox esr/38.0.1
version/mozilla firefox esr/38.0.5
version/mozilla firefox esr/38.1.0
version/mozilla firefox esr/38.1.1
version/mozilla firefox esr/38.2.0
version/mozilla firefox esr/38.2.1
version/mozilla firefox esr/38.3.0
version/mozilla firefox esr/38.4.0
version/mozilla firefox esr/38.5.0
version/mozilla firefox esr/38.5.1
version/mozilla firefox esr/38.6.0
version/mozilla firefox esr/38.6.1
version/mozilla firefox esr/38.7.0
version/mozilla firefox esr/38.7.1
version/mozilla firefox/38.0
version/mozilla firefox/38.0.1
version/mozilla firefox/38.0.5
version/mozilla firefox/38.1.0
version/mozilla firefox/38.1.1
version/mozilla firefox/38.2.0
version/mozilla firefox/38.2.1
version/mozilla firefox/38.3.0
version/mozilla firefox/38.4.0
version/mozilla firefox/38.5.0
version/mozilla firefox/38.5.1
version/mozilla firefox/38.6.0
version/mozilla firefox/38.6.1
version/mozilla firefox/38.7.0
version/mozilla firefox/38.7.1

CVE-2016-2814: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-2814?

How do I fix CVE-2016-2814?

What versions of Firefox are affected by CVE-2016-2814?

Can CVE-2016-2814 be exploited remotely?

What impact does CVE-2016-2814 have on users?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-2814?

How do I fix CVE-2016-2814?

What versions of Firefox are affected by CVE-2016-2814?

Can CVE-2016-2814 be exploited remotely?

What impact does CVE-2016-2814 have on users?