A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

References

bugzilla.redhat.com/show_bug.cgi?id=1400376

www.mozilla.org/en-US/security/advisories/mfsa2016-92/#CVE-2016-9079

nessus 32

veracode 1

cve 1

cert 1

cisa_kev 1

openvas 33

debian 5

oraclelinux 2

attackerkb 1

slackware 2

archlinux 2

centos 2

debiancve 1

redhat 2

kaspersky 1

freebsd 1

mageia 2

zdt 4

suse 7

seebug 1

packetstorm 2

prion 1

thn 1

ubuntucve 1

mozilla 1

googleprojectzero 1

ubuntu 2

checkpoint_advisories 1

exploitpack 1

exploitdb 1

gentoo 2

osv 2

ibm 2

nessus

RHEL 5 / 6 / 7 : thunderbird (RHSA-2016:2850)

2016-12-06 00:00:00

Oracle Linux 6 / 7 : thunderbird (ELSA-2016-2850)

2016-12-06 00:00:00

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-1393)

2016-12-06 00:00:00

veracode

Information Disclosure

2019-01-15 09:14:26

cve

CVE-2016-9079

2018-06-11 21:29:00

cert

Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability

2016-11-30 00:00:00

cisa_kev

Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability

2023-06-22 00:00:00

openvas

Mageia: Security Advisory (MGASA-2016-0410)

2022-01-28 00:00:00

Slackware: Security Advisory (SSA:2016-336-02)

2022-04-21 00:00:00

CentOS Update for thunderbird CESA-2016:2850 centos5

2016-12-07 00:00:00

debian

[SECURITY] [DSA 3728-1] firefox-esr security update

2016-12-01 14:27:36

[SECURITY] [DSA 3728-1] firefox-esr security update

2016-12-01 14:27:36

[SECURITY] [DSA 3730-1] icedove security update

2016-12-11 16:05:42

oraclelinux

thunderbird security update

2016-12-05 00:00:00

firefox security update

2016-12-01 00:00:00

attackerkb

CVE-2016-9079

2018-06-11 00:00:00

slackware

[slackware-security] mozilla-firefox

2016-12-01 09:00:27

[slackware-security] mozilla-thunderbird

2016-12-01 09:00:42

archlinux

[ASA-201612-2] thunderbird: arbitrary code execution

2016-12-01 00:00:00

[ASA-201612-1] firefox: multiple issues

2016-12-01 00:00:00

centos

thunderbird security update

2016-12-06 20:06:31

firefox security update

2016-12-03 11:57:24

debiancve

CVE-2016-9079

2018-06-11 21:29:00

redhat

(RHSA-2016:2843) Critical: firefox security update

2016-12-01 00:00:00

(RHSA-2016:2850) Important: thunderbird security update

2016-12-05 00:00:00

kaspersky

KLA10906 Use-after-free vulnerability in Mozilla products

2016-11-30 00:00:00

freebsd

Mozilla -- SVG Animation Remote Code Execution

2016-11-30 00:00:00

mageia

Updated firefox packages fix security vulnerability

2016-12-06 00:49:27

Updated thunderbird packages fix security vulnerabilities

2016-12-06 00:49:27

zdt

Mozilla Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution Exploit

2017-01-24 00:00:00

Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution Exploit

2017-07-15 00:00:00

Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution Exploit

2018-03-17 00:00:00

suse

Security update for Mozilla Thunderbird (important)

2016-12-04 22:06:50

Security update for MozillaFirefox (important)

2016-12-07 21:07:02

Security update for MozillaFirefox (important)

2016-12-04 22:07:40

seebug

New Firefox/Tor Browser 0-day vulnerability （CVE-2016-9079）

2016-11-30 00:00:00

packetstorm

Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution

2017-01-24 00:00:00

Firefox 50.0.1 ASM.JS JIT-Spray Remote Code Execution

2017-07-14 00:00:00

prion

Design/Logic Flaw

2018-06-11 21:29:00

thn

UPDATE Firefox and Tor to Patch Critical Zero-day Vulnerability

2016-11-30 21:32:00

ubuntucve

CVE-2016-9079

2016-11-30 00:00:00

mozilla

Firefox SVG Animation Remote Code Execution — Mozilla

2016-11-30 00:00:00

googleprojectzero

The Great DOM Fuzz-off of 2017

2017-09-21 00:00:00

ubuntu

Firefox vulnerabilities

2016-11-30 00:00:00

Thunderbird vulnerabilities

2016-12-01 00:00:00

checkpoint_advisories

Mozilla Multiple Products Remote Code Execution (CVE-2016-9079; CVE-2017-5375)

2016-12-01 00:00:00

exploitpack

Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution

2017-07-14 00:00:00

exploitdb

Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution

2017-07-14 00:00:00

gentoo

Mozilla SeaMonkey: Multiple vulnerabilities

2017-01-13 00:00:00

Mozilla Firefox, Thunderbird: Multiple vulnerabilities

2017-01-03 00:00:00

osv

firefox-esr - security update

2016-12-01 00:00:00

icedove - security update

2016-12-17 00:00:00

ibm

Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS

2018-06-18 00:32:15

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified.

2018-06-18 00:32:14

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for RH:CVE-2016-9079