CVE-2016-9079
Description
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
84.813
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-9079 are affected in Mozilla Firefox (x64) 45.5.0 | Windows |
| Vulnerabilities CVE-2016-9079 are affected in Mozilla Firefox (x64) 50.0.1 | Windows |
| Vulnerabilities CVE-2016-9079 are affected in Mozilla Thunderbird 45.5.0 | Windows |
| Vulnerabilities CVE-2016-9079 are affected in Mozilla_Firefox 45.5.0 | Windows |
| Vulnerabilities CVE-2016-9079 are affected in Mozilla_Firefox 50.0.1 | Windows |
| Vulnerabilities CVE-2016-9079 are fixed in Update for Mozilla Firefox For Mac (50.0.2) | Mac |
| Vulnerabilities CVE-2016-9079 are fixed in Update for Mozilla Thunderbird For Mac (45.5.1) | Mac |
| Vulnerabilities CVE-2016-9079 are fixed in Mozilla Firefox For Mac 45.5.1 | Mac |
| firefox-esr security update(DSA-3716-1) firefox-esr_45.5.1esr-1~deb8u1_i386.deb | Linux |
| firefox-esr security update(DSA-3728-1) firefox-esr_45.5.1esr-1~deb8u1_kfreebsd-amd64.deb | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-607000 | Mozilla Firefox For Mac (124.0) |
| PATCH-611353 | Mozilla Thunderbird For Mac (128.12.0) |
| PATCH-612783 | Mozilla Firefox For Mac (145.0.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234