CVE-2016-9079
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-9079
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9079.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-9079
- Related
- Published
- 2018-06-11T21:29:01Z
- Modified
- 2024-11-21T03:00:33Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
- References
-
- http://rhn.redhat.com/errata/RHSA-2016-2843.html
- http://rhn.redhat.com/errata/RHSA-2016-2850.html
- http://www.securityfocus.com/bid/94591
- http://www.securitytracker.com/id/1037370
- https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
- https://security.gentoo.org/glsa/201701-15
- https://security.gentoo.org/glsa/201701-35
- https://www.debian.org/security/2016/dsa-3730
- https://www.exploit-db.com/exploits/41151/
- https://www.exploit-db.com/exploits/42327/
- https://www.mozilla.org/security/advisories/mfsa2016-92/
- https://security-tracker.debian.org/tracker/CVE-2016-9079
Affected packages
Debian:11 / firefox-esr
Package
- Name
- firefox-esr
- Purl
- pkg:deb/debian/firefox-esr?arch=source
Debian:12 / firefox-esr
Package
- Name
- firefox-esr
- Purl
- pkg:deb/debian/firefox-esr?arch=source
Debian:13 / firefox-esr
Package
- Name
- firefox-esr
- Purl
- pkg:deb/debian/firefox-esr?arch=source