VDB

GCVE-110-MAGEIA-2016-379

GCVE-110-MAGEIA-2016-379
Advisory Published
Vulnetix · Advisory published November 17, 2016
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291, CVE-2016-5290). A flaw was found in the way Add-on update process was handled by Firefox. A Man-in-the-Middle attacker could use this flaw to install a malicious signed add-on update (CVE-2016-9064). An existing mitigation of timing side-channel attacks in NSS before 3.26.1 is insufficient in some circumstances (CVE-2016-9074).

Affected Products

VendorProductVersionsPlatforms
Mageianss3.27.1-1.mga5 (unaffected), 0 (affected)
Mageiarootcerts0 (affected), 20160922.00-1.mga5 (unaffected)
Mageiafirefox-l10n0 (affected), 45.5.0-1.mga5 (unaffected)
Mageianspr0 (affected), 4.13.1-1.mga5 (unaffected)
Mageiafirefox0 (affected), 45.5.0-1.mga5 (unaffected)

Browse GCVE Records

71,925 records in the GCVE database · Updated July 13, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›