what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

CVE-2016-9079

Status Candidate

Overview

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Related Files

Firefox 50.0.1 ASM.JS JIT-Spray Remote Code Execution
Posted Jul 14, 2017
Authored by Rh0

Firefox version 50.0.1 full ASLR and DEP bypass exploit using ASM.JS JIT-spray.

tags | exploit
advisories | CVE-2016-9079, CVE-2017-5375
MD5 | 7a48d520cb4cdd3d74af0cf1ed0c841c
Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution
Posted Jan 24, 2017
Authored by Anonymous Gaijin | Site metasploit.com

This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.

tags | exploit
systems | windows
advisories | CVE-2016-9079
MD5 | 77d27dce95315732a67e02fbeffa113b
Gentoo Linux Security Advisory 201701-35
Posted Jan 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-35 - Multiple vulnerabilities have been found in Mozilla SeaMonkey, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.46-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526, CVE-2016-9079
MD5 | 069b6113937e168aaf68a6f53ae842fb
Debian Security Advisory 3730-1
Posted Dec 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3730-1 - Multiple security issues have been found in Icedove, Debian's version of same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-9074, CVE-2016-9079
MD5 | e41e69a9ad1773d2c5ca46ebc73ecd5b
Red Hat Security Advisory 2016-2850-01
Posted Dec 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2850-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.1. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9079
MD5 | efb2211109d65e3cf26634ef0c2472ac
Red Hat Security Advisory 2016-2843-01
Posted Dec 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2843-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.1 ESR. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9079
MD5 | 149a670cfeef758e598950c4fefc9572
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 1, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-9079
MD5 | c6c681614360784b6f031a54e121946b
Ubuntu Security Notice USN-3141-1
Posted Dec 1, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3141-1 - Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-9079
MD5 | 1cf3df007e1af15077b4158c28b60ccd
Ubuntu Security Notice USN-3140-1
Posted Dec 1, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3140-1 - It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. An attacker could potentially exploit this to bypass same-origin restrictions. A use-after-free was discovered in SVG animations. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9078, CVE-2016-9079
MD5 | 8647b45527a30c1c825f9c04fdd14b6c
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    2 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close