{
  "threat_severity" : "Critical",
  "public_date" : "2016-04-26T00:00:00Z",
  "bugzilla" : {
    "description" : "Mozilla: Miscellaneous memory safety hazards (rv:46.0 / rv:45.1) (MFSA 2016-39)",
    "id" : "1330270",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1330270"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "details" : [ "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." ],
  "acknowledgement" : "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Boris Zbarsky, Carsten Book, Christian Holler, David Bolter, Gary Kwong, Jesse Ruderman, Mats Palmgren, and Randell Jesup as the original reporters.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2016-04-26T00:00:00Z",
    "advisory" : "RHSA-2016:0695",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "firefox-0:45.1.0-1.el5_11"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2016-04-26T00:00:00Z",
    "advisory" : "RHSA-2016:0695",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "firefox-0:45.1.0-1.el6_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-04-26T00:00:00Z",
    "advisory" : "RHSA-2016:0695",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "firefox-0:45.1.0-1.el7_2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-2806\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-2806\nhttps://www.mozilla.org/security/announce/2016/mfsa2016-39.html" ],
  "name" : "CVE-2016-2806",
  "csaw" : false
}