HTTP: Mozilla Firefox CVE-2016-9079 Use After Free

Signature attempts to capture an out-of-bounds indexing/use-after-free condition present in Mozilla Firefox on Microsoft Windows.

Extended Description

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Affected Products

Redhat enterprise_linux_workstation

References

CVE: CVE-2017-5375

Short Name
HTTP:STC:CVE-2016-9079-UAF
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
After CVE-2016-9079 CVE-2017-5375 Firefox Free Mozilla Use
Release Date
01/04/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Debian

Redhat

CVSS Score

7.5

5.0

Found a potential security threat?