The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-585-1 | firefox-esr security update |
![]() |
DSA-3640-1 | firefox-esr security update |
![]() |
EUVD-2016-6214 | The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion." |
![]() |
USN-3044-1 | Firefox vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 22 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Mozilla firefox Esr
|
Mon, 21 Oct 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:mozilla:firefox_esr:45.2.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:45.3.0:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:* |

Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2024-08-06T00:53:48.877Z
Reserved: 2016-06-03T00:00:00
Link: CVE-2016-5263

No data.

Status : Deferred
Published: 2016-08-05T01:59:19.173
Modified: 2025-04-12T10:46:40.837
Link: CVE-2016-5263


No data.