Vulnerability Change Records for CVE-2016-1964

Change History

CPE Deprecation Remap 10/30/2018 12:27:35 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

CPE Deprecation Remap 10/30/2018 12:27:32 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:novell:leap:42.1:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

CPE Deprecation Remap 12/27/2019 11:9:04 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

CVE Modified by Mozilla Corporation 11/30/2016 10:7:52 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201605-06 [No Types Assigned]

Modified Analysis 3/17/2016 2:56:01 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NVD-CWE-Other
Added Evaluator Description

								
							
							
						
<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>
Changed Reference Type
http://www.mozilla.org/security/announce/2016/mfsa2016-27.html No Types Assigned
http://www.mozilla.org/security/announce/2016/mfsa2016-27.html Advisory

CVE Translated 3/15/2016 7:45:00 AM

Action Type Old Value New Value
Added Translation

								
							
							
						
Vulnerabilidad de uso después de liberación de memoria en la función AtomicBaseIncDec en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones anteriores a 38.7 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) mediante el aprovechamiento del manejo incorrecto de transformaciones XML.
Removed Translation
Vulnerabilidad de uso después de liberación de memoria en la función AtomicBaseIncDec en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones anteriores a 38.7 permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) mediante el aprovechamiento del manejo incorrecto de transformaciones XML.

								
						

Modified Analysis 10/13/2016 3:55:41 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:leap:42.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:leap:42.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html Third Party Advisory
Changed Reference Type
https://bugzilla.mozilla.org/show_bug.cgi?id=1243335 No Types Assigned
https://bugzilla.mozilla.org/show_bug.cgi?id=1243335 Issue Tracking

CVE Modified by Mozilla Corporation 12/02/2016 10:23:47 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html [No Types Assigned]
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2016/dsa-3510 [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2016/dsa-3520 [No Types Assigned]
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1035215 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2917-1 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2917-2 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2917-3 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2934-1 [No Types Assigned]

CVE Modified by Source 10/11/2016 10:2:24 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Initial CVE Analysis 3/17/2016 12:27:36 PM

Action Type Old Value New Value

Modified Analysis 5/18/2016 6:32:22 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*

CVE Modified by Source 7/18/2016 9:59:31 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

CPE Deprecation Remap 12/27/2019 11:8:55 AM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*

Initial CVE Analysis 10/13/2016 2:42:14 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:leap:42.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
Configuration 1
     OR
          *cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:leap:42.1:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
          *cpe:2.3:o:novell:opensuse:13.1:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*
          *cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:mozilla:firefox_esr:38.6.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
          *cpe:2.3:a:mozilla:thunderbird:38.6.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:mozilla:firefox:44.0.2:*:*:*:*:*:*:* (and previous)
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html Third Party Advisory
Changed Reference Type
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html No Types Assigned
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html Third Party Advisory

CPE Deprecation Remap 10/30/2018 12:27:37 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

CVE Modified by Source 4/25/2016 9:59:41 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html