CVE-2016-5296

Summary

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 45.5affected
MozillaFirefox ESRunspecified < 45.5affected
MozillaFirefoxunspecified < 50affected

Weaknesses

  • Heap-buffer-overflow WRITE in rasterize_edges_1

ADP Enrichment

CVE Program Container

Additional References

References