PT-2016-7868 · Mozilla+3 · Firefox+3

Filipe Gomes

·

Published

2016-12-13

·

Updated

2024-12-12

·

CVE-2016-9896

CVSS v3.1

8.1

High

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 50.1
Description A use-after-free issue occurs when manipulating the "navigator" object within WebVR, which is not enabled by default.
Recommendations For versions prior to 50.1, update to version 50.1 or later to resolve the issue.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2016-2446
ALT-PU-2017-1578
CVE-2016-9896
MGASA-2017-0323
OPENSUSE-SU-2016_3184-1
OPENSUSE-SU-2016_3310-1
OPENSUSE-SU-2024:10071-1
OPENSUSE-SU-2024:14572-1
USN-3155-1

Affected Products

Alt Linux
Firefox
Suse
Ubuntu