CVE-2016-9893: Buffer Overflow

First published: Tue Dec 13 2016(Updated: )

Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

Credit: security@mozilla.org

Affected Software	Affected Version	How to fix
Mozilla Thunderbird	<45.6	45.6
Mozilla Firefox	<50.1	50.1
	<45.6	45.6
	<45.6	45.6
Debian Debian Linux	=9.0
Redhat Enterprise Linux	=5.0
Redhat Enterprise Linux	=6.0
Redhat Enterprise Linux	=7.0
Redhat Enterprise Linux Desktop	=5.0
Redhat Enterprise Linux Desktop	=6.0
Redhat Enterprise Linux Desktop	=7.0
Redhat Enterprise Linux Server	=5.0
Redhat Enterprise Linux Server	=6.0
Redhat Enterprise Linux Server	=7.0
Redhat Enterprise Linux Server Aus	=7.3
Redhat Enterprise Linux Server Aus	=7.4
Redhat Enterprise Linux Server Eus	=7.3
Redhat Enterprise Linux Server Eus	=7.4
Redhat Enterprise Linux Server Eus	=7.5
Redhat Enterprise Linux Workstation	=5.0
Redhat Enterprise Linux Workstation	=6.0
Redhat Enterprise Linux Workstation	=7.0
Mozilla Thunderbird	<45.6.0
Mozilla Firefox	<50.1
Mozilla Firefox ESR	<45.6.0
debian/firefox		118.0.2-1
debian/firefox-esr		91.12.0esr-1~deb10u1 115.3.1esr-1~deb10u1 102.15.0esr-1~deb11u1 115.3.1esr-1~deb11u1 102.15.1esr-1~deb12u1 115.3.0esr-1~deb12u1 115.3.0esr-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

collector/security-tracker-debian
collector/mozilla-advisory
agent/type
agent/last-modified-date
agent/first-publish-date
agent/weakness
agent/references
agent/severity
agent/author
agent/softwarecombine
source/Mozilla
agent/software-canonical-lookup
agent/event
agent/description
agent/software-canonical-lookup-request
agent/tags
collector/nvd-index
collector/mitre-cve
source/MITRE
package-manager/debian
vendor/mozilla
canonical/mozilla thunderbird
canonical/mozilla firefox esr
canonical/mozilla firefox
vendor/debian
canonical/debian debian linux
version/debian debian linux/9.0
vendor/redhat
canonical/redhat enterprise linux
version/redhat enterprise linux/5.0
version/redhat enterprise linux/6.0
version/redhat enterprise linux/7.0
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/5.0
version/redhat enterprise linux desktop/6.0
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux server
version/redhat enterprise linux server/5.0
version/redhat enterprise linux server/6.0
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux server aus
version/redhat enterprise linux server aus/7.3
version/redhat enterprise linux server aus/7.4
canonical/redhat enterprise linux server eus
version/redhat enterprise linux server eus/7.3
version/redhat enterprise linux server eus/7.4
version/redhat enterprise linux server eus/7.5
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/5.0
version/redhat enterprise linux workstation/6.0
version/redhat enterprise linux workstation/7.0

CVE-2016-9893: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Peer vulnerabilities

Company

Resources

Contact