MiracleLinux 7 : firefox-45.5.1-1.0.1.el7.AXS7 (AXSA:2016-1183:09)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1183:09 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release:...

MiracleLinux 4 : firefox-45.5.1-1.0.1.AXS4 (AXSA:2016-1152:10)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1152:10 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release:...

Slackware: Security Advisory (SSA:2016-336-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2017-1011)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox 50.0.2, Firefox ESR 45.5.1, and Thunderbird 45.5.1...

CVE-2016-9079

CVE-2016-9079 is a use-after-free vulnerability in Mozilla Firefox/Thunderbird SVG Animation. Affected: Firefox < 50.0.2, Firefox ESR < 45.5.1, Thunderbird

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox 50.0.2, Firefox ESR 45.5.1, and Thunderbird 45.5.1...

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox 50.0.2, Firefox ESR 45.5.1, and Thunderbird 45.5.1...

The Great DOM Fuzz-off of 2017

Posted by Ivan Fratric, Project Zero Introduction Historically, DOM engines have been one of the largest sources of web browser bugs. And while in the recent years the popularity of those kinds of bugs in targeted attacks has somewhat fallen in favor of Flash which allows for cross-browser exploi...

Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution

Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution function asmjsmodule "use asm"; / huge jitted nop sled / function payloadcode var val = 0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val +...

Firefox 50.0.1 ASM.JS JIT-Spray Remote Code Execution

function asmjsmodule "use asm"; / huge jitted nop sled / function payloadcode var val = 0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0...

Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution

function asmjsmodule "use asm"; / huge jitted nop sled / function payloadcode var val = 0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0; val = val + 0xa8909090|0...

EulerOS 2.0 SP2 : firefox (EulerOS-SA-2017-1011)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...

EulerOS 2.0 SP1 : firefox (EulerOS-SA-2017-1012)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...

CVE-2016-9079

creationtimestamp| type| source ---|---|--- 2017-01-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41151 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/firefoxsmiluaf.rb 2023-06-22 18:10:03+00:00| see...

Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Firefox nsSMILTimeContainer::NotifyTimeChange RCE", 'Description' = %q This module exploits an out-of-bounds...

Mozilla Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution Exploit

This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange across numerous versions of Mozilla Firefox on Microsoft Windows. This module requires Metasploit: http://metasploit.com/download Current source:...

Firefox nsSMILTimeContainer::NotifyTimeChange() RCE

This module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange across numerous versions of Mozilla Firefox on Microsoft Windows. This module requires Metasploit: https://metasploit.com/download Current source:...

Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20161205)

This update upgrades Thunderbird to version 45.5.1. Security Fixes : - A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...