Searching
..

Click anywhere to stop

KLA10906
Use-after-free vulnerability in Mozilla products

Updated: 01/22/2024
Detect date
?
11/30/2016
Severity
?
Critical
Description

A use-after-free vulnerability was found in Mozilla Firefox before 50.0.2, Mozilla Firefox ESR before 45.5.1 and Mozilla Thunderbird before 45.5.1. Exploiting this vulnerability can possibly lead to a denial of service and also an execution of arbitrary code. This vulnerability can be exploited remotely via a SVG Animation.

NB: This vulnerability have no public CVSS rating so rating can be changed by the time.

NB: At this moment Mozilla just reserved CVE numbers for this vulnerabilities. Information can be changed soon.

Affected products

Mozilla Firefox before 50.0.2
Mozilla Firefox ESR before 45.5.1
Mozilla Thunderbird before 45.5.1

Solution

Update to the latest versions
Download Mozilla Firefox
Download Mozilla Thunderbird
Mozilla Firefox ESR

Original advisories

Mozilla Foundation Security Advisory 2016-92

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox ESR
CVE-IDS
?
CVE-2016-90795.0Warning
Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Find out the statistics of the vulnerabilities spreading in your region