AVG-90

Package firefox
Status Fixed
Severity Critical
Type multiple issues
Affected 50.0-1
Fixed 50.0.2-1
Current 60.0.2-1 [extra]
Ticket None
Created Wed Nov 30 23:20:15 2016
Issue Severity Remote Type Description
CVE-2016-9079 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been discovered in the SVG Animation component of Firefox, leading to arbitrary code execution.
CVE-2016-9078 Critical Yes Same-origin policy bypass
Redirection from an HTTP connection to a data: URL assigns the referring site's origin to the data: URL in some circumstances. This can result in...
Date Advisory Package Description
01 Dec 2016 ASA-201612-1 firefox multiple issues