PublicDateAtUSN: 2016-11-30
Candidate: CVE-2016-9079
PublicDate: 2018-06-11 21:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079
 https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
 https://ubuntu.com/security/notices/USN-3140-1
 https://ubuntu.com/security/notices/USN-3141-1
Description:
 A use-after-free vulnerability in SVG Animation has been discovered. An
 exploit built on this vulnerability has been discovered in the wild
 targeting Firefox and Tor Browser users on Windows. This vulnerability
 affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [7.5 HIGH]

Patches_firefox: 
upstream_firefox: released (50.0.2)
precise_firefox: released (50.0.2+build1-0ubuntu0.12.04.1)
trusty_firefox: released (50.0.2+build1-0ubuntu0.14.04.1)
trusty/esm_firefox: DNE (trusty was released [50.0.2+build1-0ubuntu0.14.04.1])
vivid/ubuntu-core_firefox: DNE
vivid/stable-phone-overlay_firefox: DNE
xenial_firefox: released (50.0.2+build1-0ubuntu0.16.04.1)
esm-infra/xenial_firefox: released (50.0.2+build1-0ubuntu0.16.04.1)
yakkety_firefox: released (50.0.2+build1-0ubuntu0.16.10.1)
devel_firefox: released (50.0.2+build1-0ubuntu1)

Patches_thunderbird:
Priority_thunderbird: low
upstream_thunderbird: released (45.5.1)
precise_thunderbird: released (1:45.5.1+build1-0ubuntu0.12.04.1)
trusty_thunderbird: released (1:45.5.1+build1-0ubuntu0.14.04.1)
trusty/esm_thunderbird: DNE (trusty was released [1:45.5.1+build1-0ubuntu0.14.04.1])
vivid/ubuntu-core_thunderbird: DNE
vivid/stable-phone-overlay_thunderbird: DNE
xenial_thunderbird: released (1:45.5.1+build1-0ubuntu0.16.04.1)
esm-infra/xenial_thunderbird: released (1:45.5.1+build1-0ubuntu0.16.04.1)
yakkety_thunderbird: released (1:45.5.1+build1-0ubuntu0.16.10.1)
devel_thunderbird: released (1:45.7.0+build1-0ubuntu1)