diff options
| author | cmt <cmt@FreeBSD.org> | 2016-12-01 21:40:50 +0800 |
|---|---|---|
| committer | cmt <cmt@FreeBSD.org> | 2016-12-01 21:40:50 +0800 |
| commit | f2a1ab4c5951ef4d1301f8cf6ea77f86ab63104d (patch) | |
| tree | fd63fed45f9794badd5fe23087fd41f26c445259 /security | |
| parent | e048deebd8bb9932c78e2c6c642a42a7eeb9bb95 (diff) | |
| download | freebsd-ports-gnome-f2a1ab4c5951ef4d1301f8cf6ea77f86ab63104d.tar.gz freebsd-ports-gnome-f2a1ab4c5951ef4d1301f8cf6ea77f86ab63104d.tar.zst freebsd-ports-gnome-f2a1ab4c5951ef4d1301f8cf6ea77f86ab63104d.zip | |
document mozilla vulnerabilities CVE-2016-9079
PR: 214978
Approved by: jbeich, rene (mentor, implicit)
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c3d0dfd91bd8..d81cb244ad94 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,55 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="18f39fb6-7400-4063-acaf-0806e92c094f"> + <topic>Mozilla -- SVG Animation Remote Code Execution</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>50.0.2,1</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>45.5.1,1</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>45.5.1,2</lt></range> + </package> + <package> + <name>libxul</name> + <range><lt>45.5.1</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>45.5.1</lt></range> + </package> + <package> + <name>linux-thunderbird</name> + <range><lt>45.5.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Mozilla Foundation reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/"> + <p>A use-after-free vulnerability in SVG Animation has been + discovered. An exploit built on this vulnerability has been + discovered in the wild targeting Firefox and Tor Browser + users on Windows.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-9079</cvename> + <url>https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/</url> + </references> + <dates> + <discovery>2016-11-30</discovery> + <entry>2016-12-01</entry> + </dates> + </vuln> + <vuln vid="479c5b91-b6cc-11e6-a04e-3417eb99b9a0"> <topic>wget -- Access List Bypass / Race Condition</topic> <affects> |