{"id":"CVE-2016-9079","details":"A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox \u003c 50.0.2, Firefox ESR \u003c 45.5.1, and Thunderbird \u003c 45.5.1.","modified":"2026-04-16T06:16:05.925690522Z","published":"2018-06-11T21:29:01.797Z","related":["SUSE-SU-2016:3048-1","SUSE-SU-2016:3080-1","SUSE-SU-2016:3105-1","openSUSE-SU-2016:3019-1","openSUSE-SU-2024:10071-1","openSUSE-SU-2024:10230-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2016-92/"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2843.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2850.html"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037370"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-15"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-35"},{"type":"ADVISORY","url":"https://www.debian.org/security/2016/dsa-3730"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/94591"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321066"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/42327/"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/41151/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"fixed":"45.5.1"}]},{"events":[{"introduced":"0"},{"fixed":"50.0.2"}]},{"events":[{"introduced":"0"},{"fixed":"45.5.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9079.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}