CVE-2016-9079
HIGH7.5⚠ KEVEPSS 84.8%firefox-esr - security update
Published: 6/11/2018Modified: 4/28/2026Added to CISA KEV: 6/22/2023
Also known as:DEBIAN-CVE-2016-9079
Description
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
Affected packages (2)
- Debian/firefox-esrfrom 0, < 45.5.1esr-1
- Debian/firefox-esrfrom 0, < 45.5.1esr-1~deb8u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |