what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2016-9079

Status Candidate

Overview

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Related Files

Firefox 50.0.1 ASM.JS JIT-Spray Remote Code Execution
Posted Jul 14, 2017
Authored by Rh0

Firefox version 50.0.1 full ASLR and DEP bypass exploit using ASM.JS JIT-spray.

tags | exploit
advisories | CVE-2016-9079, CVE-2017-5375
SHA-256 | 86cecd285d657c050c53a7f7a6a47081e1bc4db32994a106122cf7a3a0d39213
Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution
Posted Jan 24, 2017
Authored by Anonymous Gaijin | Site metasploit.com

This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.

tags | exploit
systems | windows
advisories | CVE-2016-9079
SHA-256 | af960164b10f4978888d3c2dcdca0041f4f8d2e33bf4bb4404e345fe8ea3e6b9
Gentoo Linux Security Advisory 201701-35
Posted Jan 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-35 - Multiple vulnerabilities have been found in Mozilla SeaMonkey, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.46-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526, CVE-2016-9079
SHA-256 | edb4103926996cc60bdbdba4e04c9d073a6b3369fcdbbd4d3088d21fac388142
Debian Security Advisory 3730-1
Posted Dec 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3730-1 - Multiple security issues have been found in Icedove, Debian's version of same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-9074, CVE-2016-9079
SHA-256 | 1f5058909d3b0d5663a8bd4c592827d4b9971ab4d1592c8532083a9575a01b7b
Red Hat Security Advisory 2016-2850-01
Posted Dec 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2850-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.1. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9079
SHA-256 | f2b5168d74f1e0e5d96b19992b90ed1ad3a05d346e5ddc46d229fe84bb406be4
Red Hat Security Advisory 2016-2843-01
Posted Dec 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2843-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.1 ESR. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9079
SHA-256 | 435dfe9352257dc57f397cc39e899cbaf3481b14535753a62444cd16c0d57442
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 1, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-9079
SHA-256 | 4a3a2a66035388a0a73ba252d401b73840b1c52eb41d1688bc971fd062d4288e
Ubuntu Security Notice USN-3141-1
Posted Dec 1, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3141-1 - Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-9079
SHA-256 | 0156c492b9961af8947272769020c060ab5812598c1fcfa320436988f5460391
Ubuntu Security Notice USN-3140-1
Posted Dec 1, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3140-1 - It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. An attacker could potentially exploit this to bypass same-origin restrictions. A use-after-free was discovered in SVG animations. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9078, CVE-2016-9079
SHA-256 | f75f1de4f2150a8b347c4b8f5b7f8c787811b1e039813e9fee9dafd967bf9ec3
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close