본문 바로가기

취약점 정보2

Firefox 50.0.2 업데이트 권고

728x90

Firefox SVG Animation Remote Code Execution

ANNOUNCED
November 30, 2016
PRODUCTS
Firefox, Firefox ESR, Thunderbird
FIXED IN
  • Firefox 50.0.2
  • Firefox ESR 45.5.1
  • Thunderbird 45.5.1

#CVE-2016-9079: Use-after-free in SVG Animation

REPORTER
Obscured Team
IMPACT
CRITICAL
Description

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows.

References


728x90