DEBIAN-CVE-2016-5258

DEBIAN-CVE-2016-5258 PUBLISHED CVSS 8.800000190734863 HIGH

Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.

Risk Scores

CVSS v3.0

8.800000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:13	firefox-esr	0, 0, 0
Debian:11	firefox-esr	0, 0, 0
Debian:12	firefox-esr	0, 0, 0
Debian:14	firefox-esr	0, 0, 0

Timeline

Aug 5, 2016 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2016-5258 advisory

Open in Interactive Console →