Attacker Value

Unknown

(1 user assessed)

Exploitability

Unknown

(1 user assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

1

CVE-2016-9079

Disclosure Date: June 11, 2018 •

Exploited in the Wild

Reported by gwillcox-r7 and 2 more...
View Source Details

Description

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Add Assessment

1

gwillcox-r7 (579)

November 22, 2020 3:23am UTC (4 years ago)

Technical Analysis

Reported as exploited in the wild as part of Google’s 2020 0day vulnerability spreadsheet they made available at https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786. Original tweet announcing this spreadsheet with the 2020 findings can be found at https://twitter.com/maddiestone/status/1329837665378725888

Log in to Add Reply

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

debian,
mozilla,
redhat,
torproject

Products

debian linux 9.0,
enterprise linux 5.0,
enterprise linux 6.0,
enterprise linux 7.0,
enterprise linux desktop 5.0,
enterprise linux desktop 6.0,
enterprise linux desktop 7.0,
enterprise linux server 5.0,
enterprise linux server 6.0,
enterprise linux server 7.0,
enterprise linux server aus 7.3,
enterprise linux server aus 7.4,
enterprise linux server eus 7.3,
enterprise linux server eus 7.4,
enterprise linux server eus 7.5,
enterprise linux workstation 5.0,
enterprise linux workstation 6.0,
enterprise linux workstation 7.0,
firefox,
firefox esr,
thunderbird,
tor -

Metasploit Modules

Firefox nsSMILTimeContainer::NotifyTimeChange() RCE (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/firefox_smil_uaf.rb)

Exploited in the Wild

Reported by:

gwillcox-r7

Reported: November 22, 2020 3:23am UTC (4 years ago)

mkienow-r7 indicated sources as

Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
Other: CISA Gov Alert (https://www.cisa.gov/news-events/alerts/2023/06/22/cisa-adds-six-known-exploited-vulnerabilities-catalog)

Reported: June 22, 2023 4:33pm UTC (1 year ago)

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2023/06/22/cisa-adds-six-known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:20am UTC (3 weeks ago)

References

Canonical

CVE-2016-9079 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079)

BID-94591 (http://www.securityfocus.com/bid/94591)

Advisory

DSA-3730 (https://www.debian.org/security/2016/dsa-3730)

http://rhn.redhat.com/errata/RHSA-2016-2843.html

GLSA-201701-35 (https://security.gentoo.org/glsa/201701-35)

SECTRACK-1037370 (http://www.securitytracker.com/id/1037370)

EXPLOIT-DB-42327 (https://www.exploit-db.com/exploits/42327)

http://rhn.redhat.com/errata/RHSA-2016-2850.html

https://www.mozilla.org/security/advisories/mfsa2016-92

GLSA-201701-15 (https://security.gentoo.org/glsa/201701-15)

EXPLOIT-DB-41151 (https://www.exploit-db.com/exploits/41151)

https://bugzilla.mozilla.org/show_bug.cgi?id=1321066

Rapid7

Technical Analysis