← back
CVE-2016-9899

CVE-2016-9899

EPSS 21.4%
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
Affected products
Mozilla · FirefoxMozilla · Firefox ESRMozilla · Thunderbird
public PoCs found2
cve_referencewww.exploit-db.com/exploits/41042/unverifiedexploitdbwww.exploit-db.com/exploits/41042unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://rhn.redhat.com/errata/RHSA-2016-2946.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2973.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1317409https://security.gentoo.org/glsa/201701-15https://www.debian.org/security/2017/dsa-3757https://www.exploit-db.com/exploits/41042/https://www.mozilla.org/security/advisories/mfsa2016-94/https://www.mozilla.org/security/advisories/mfsa2016-95/https://www.mozilla.org/security/advisories/mfsa2016-96/http://www.securityfocus.com/bid/94885http://www.securitytracker.com/id/1037461