JSON View XML View

Key Value
MTID M116138
Title Mozilla Firefox /Firefox ESR /Thunderbird SVG Animation Remote Code Execution
Description A vulnerability in some versions of Mozilla products could lead to remote code execution.
Observation A vulnerability in some versions of Mozilla products could lead to remote code execution.

The flaw is due to a use-after-free vulnerability in SVG Animation. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Recommendation The vendor has released an update to address the issue:

https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
Vendor Mozilla
Attack Vector Malicious remote network traffic
Importance 9
Impact 10.00084536000
Threat Score 9.33
Labels
References
CVECVE-2016-9079
DISA IAVA2016-A-0332
MTIDM116138
CPEs
cpe:/a:mozilla:firefox:50.0.1
cpe:/a:mozill:firefox_esr:45.5.0
cpe:/a:mozilla:thunderbird:45.5.0
Created At 2016-11-30 00:00:00 UTC
Updated At 2017-02-16 15:09:53 UTC

Back