Arch Linux Security Advisory ASA-201612-1 ========================================= Severity: Critical Date : 2016-12-01 CVE-ID : CVE-2016-9078 CVE-2016-9079 Package : firefox Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package firefox before version 50.0.2-1 is vulnerable to multiple issues including arbitrary code execution and same-origin policy bypass. Resolution ========== Upgrade to 50.0.2-1. # pacman -Syu "firefox>=50.0.2-1" The problems have been fixed upstream in version 50.0.2. Workaround ========== None. Description =========== - CVE-2016-9078 (same-origin policy bypass) Redirection from an HTTP connection to a data: URL assigns the referring site's origin to the data: URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. - CVE-2016-9079 (arbitrary code execution) A use-after-free vulnerability has been discovered in the SVG Animation component of Firefox, leading to arbitrary code execution. Impact ====== A remote attacker can bypass the same-origin policy and execute arbitrary code on the affected host. References ========== https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/ https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ https://access.redhat.com/security/cve/CVE-2016-9078 https://access.redhat.com/security/cve/CVE-2016-9079