Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2016-9079

Published: 11/06/2018 Updated: 09/08/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 511
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Debian

Vulnerability Summary

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 9.0

redhat enterprise linux 5.0

redhat enterprise linux 7.0

redhat enterprise linux server aus 7.3

redhat enterprise linux server eus 7.4

redhat enterprise linux server 5.0

redhat enterprise linux workstation 5.0

redhat enterprise linux desktop 5.0

redhat enterprise linux server 6.0

redhat enterprise linux server 7.0

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 6.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server aus 7.4

redhat enterprise linux 6.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server eus 7.5

redhat enterprise linux server eus 7.3

mozilla thunderbird

mozilla firefox

mozilla firefox_esr

torproject tor -

Vendor Advisories

Red Hat: Critical: firefox security update
Synopsis Critical: firefox security update Type/Severity Security Advisory: Critical Topic An update for firefox is now available for Red Hat Enterprise Linux 5, Red HatEnterprise Linux 6, and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact ofCritical A ...
Red Hat: Important: thunderbird security update
Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Topic An update for thunderbird is now available for Red Hat Enterprise Linux 5, RedHat Enterprise Linux 6, and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact ofI ...
Debian Security Advisories: DSA-3730-1 icedove -- security update
Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service For the stable distribution (jessie), these problems ...
Ubuntu Security Notice: firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Ubuntu Security Notice: thunderbird vulnerabilities
Several security issues were fixed in Thunderbird ...
Mozilla: Firefox SVG Animation Remote Code Execution
Mozilla Foundation Security Advisory 2016-92 Firefox SVG Animation Remote Code Execution Announced November 30, 2016 Impact critical Products Firefox, Firefox ESR, Thunderbird Fixed in Firefox 5002 ...
Red Hat: CVE-2016-9079
A flaw was found in the processing of malformed web content A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox ...
Arch Linux Issues:
A use-after-free vulnerability has been discovered in the SVG Animation component of Firefox, leading to arbitrary code execution ...

Exploits

Exploit DB: Firefox 50.0.1 ASM.JS JIT-Spray Remote Code Execution
Firefox version 5001 full ASLR and DEP bypass exploit using ASMJS JIT-spray ...
Exploit DB: Firefox 50.0.1 - ASM.JS JIT-Spray Remote Code Execution
&lt;!DOCTYPE HTML&gt; &lt;!-- FULL ASLR AND DEP BYPASS USING ASMJS JIT SPRAY (CVE-2017-5375) PoC Exploit against Firefox 5001 (CVE-2016-9079 - Tor Browser 0day) Tested on: Release 5001 32-bit - Windows 81 / Windows 10 ftpmozillaorg/pub/firefox/releases/5001/win32/en-US/Firefox%20Setup%205001exe Howt ...
Exploit DB: Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule &lt; Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpServer def initialize(info={}) super(update_info(info, 'Na ...

Github Repositories

https://github.com/Tau-hub/Firefox-CVE-2016-9079

Firefox RCE CVE-2016-9079 nsSMILTimeContainer This a manual exploit of wwwexploit-dbcom/exploits/41151, another one exists for Windows 10 (githubcom/soham23/firefox-rce-nssmil) but it didn't work on windows 81 so I made mine You have to modify the line 241 with your own shellcode There is an example above this line Download the repository, and start

https://github.com/dangokyo/CVE-2016-9079

A demo exploit of CVE-2016-9079 on Ubuntu x64

CVE-2016-9079 A demo exploit of CVE-2016-9079 on Ubuntu x64

https://github.com/soham23/firefox-rce-nssmil

Firefox RCE CVE-2016-9079 nsSMILTimeContainer Port of: wwwexploit-dbcom/exploits/41151 Tested On: Firefox 3801esr on Windows 10 1903 How to Use: cd into the folder containing indexhtml, and workerjs Start http server in that directory Visit attacker/indexhtml from the victim Note: The metasploit exploit first fingerprints the browser, then checks the os

https://github.com/Thuynh808/Qualys-Quest-Analysis

Qualys Quest Analysis Overview Qualys is a cloud-based service that provides vulnerability scanning and

References

CWE-416https://www.mozilla.org/security/advisories/mfsa2016-92/https://bugzilla.mozilla.org/show_bug.cgi?id=1321066https://www.exploit-db.com/exploits/42327/https://www.exploit-db.com/exploits/41151/https://www.debian.org/security/2016/dsa-3730https://security.gentoo.org/glsa/201701-35https://security.gentoo.org/glsa/201701-15http://www.securitytracker.com/id/1037370http://www.securityfocus.com/bid/94591http://rhn.redhat.com/errata/RHSA-2016-2850.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2843.htmlhttps://access.redhat.com/errata/RHSA-2016:2843https://nvd.nist.govhttps://usn.ubuntu.com/3140-1/https://www.exploit-db.com/exploits/42327/https://www.kb.cert.org/vuls/id/791496
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook