FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- SVG Animation Remote Code Execution

Affected packages
firefox < 50.0.2,1
firefox-esr < 45.5.1,1
linux-firefox < 45.5.1,2
seamonkey < 2.46
linux-seamonkey < 2.46
libxul < 45.5.1
thunderbird < 45.5.1
linux-thunderbird < 45.5.1

Details

VuXML ID 18f39fb6-7400-4063-acaf-0806e92c094f
Discovery 2016-11-30
Entry 2016-12-01
Modified 2016-12-16

The Mozilla Foundation reports:

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows.

[source]

References

CVE Name CVE-2016-9079
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.