High severity7.5CISA KEVNVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2016-9079
CVE-2016-9079
Description
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
41<50.0.2+ 2 more
- (no CPE)range: <50.0.2
- (no CPE)range: unspecified
- (no CPE)range: unspecified
<45.5.1+ 1 more
- (no CPE)range: <45.5.1
- (no CPE)range: unspecified
- osv-coords35 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%202.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Manager%202.1pkg:rpm/suse/mozilla-nss&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/mozilla-nss&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Package%20Hub%2012
< 128.5.1-1.1+ 34 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 50.1.0-1.1
- (no CPE)range: < 45.5.1-1.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-63.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-93.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 45.5.1esr-59.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-30.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 3.21.3-39.1
- (no CPE)range: < 45.5.1-17.1
Patches
Vulnerability mechanics
References
12- bugzilla.mozilla.org/show_bug.cginvdExploitIssue TrackingVendor Advisory
- www.exploit-db.com/exploits/41151/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/42327/nvdExploitThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2016-2843.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-2850.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/94591nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037370nvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201701-15nvdThird Party Advisory
- security.gentoo.org/glsa/201701-35nvdThird Party Advisory
- www.debian.org/security/2016/dsa-3730nvdThird Party Advisory
- www.mozilla.org/security/advisories/mfsa2016-92/nvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.