Mozilla Foundation Security Advisory 2016-92

Firefox SVG Animation Remote Code Execution

Announced

November 30, 2016

Impact

critical

Products

Firefox, Firefox ESR, Thunderbird

Fixed in

Firefox 50.0.2
Firefox ESR 45.5.1
Thunderbird 45.5.1

#CVE-2016-9079: Use-after-free in SVG Animation

Reporter: Obscured Team
Impact: critical

Description

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows.

References

Iterator invalidation in nsSMILTimeContainer::NotifyTimeChange()

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice