CVE ID:	CVE-2016-2837
Description:	Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.
Test IDs:	1.3.6.1.4.1.25623.1.2.1.2016.77
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2837 BugTraq ID: 92258 http://www.securityfocus.com/bid/92258 Debian Security Information: DSA-3640 (Google Search) http://www.debian.org/security/2016/dsa-3640 https://security.gentoo.org/glsa/201701-15 http://www.zerodayinitiative.com/advisories/ZDI-16-673 RedHat Security Advisories: RHSA-2016:1551 http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.securitytracker.com/id/1036508 SuSE Security Announcement: openSUSE-SU-2016:1964 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:2026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://www.ubuntu.com/usn/USN-3044-1