CVE-2016-9067: Use After Free

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1301777
• https://bugzilla.mozilla.org/show_bug.cgi?id=1308922
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
• http://www.securityfocus.com/bid/94337
• http://www.securitytracker.com/id/1037298
• https://www.mozilla.org/security/advisories/mfsa2016-89/

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2016-89

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2016-5296
• CVE-2016-5292
• CVE-2016-5293
• CVE-2016-5294
• CVE-2016-5297
• CVE-2016-9064
• CVE-2016-9065
• CVE-2016-9066
• CVE-2016-9067
• CVE-2016-9068
• CVE-2016-9072
• CVE-2016-9075
• CVE-2016-9077
• CVE-2016-5291
• CVE-2016-5295
• CVE-2016-5298
• CVE-2016-5299
• CVE-2016-9061
• CVE-2016-9062
• CVE-2016-9070
• CVE-2016-9073
• CVE-2016-9074
• CVE-2016-9076
• CVE-2016-9063
• CVE-2016-9071
• CVE-2016-5289
• CVE-2016-5290

Frequently Asked Questions

• What is CVE-2016-9067?

  CVE-2016-9067 is a vulnerability in Firefox < 50 that involves two use-after-free errors during DOM operations, which can result in potentially exploitable crashes.

• What is the severity of CVE-2016-9067?

  The severity of CVE-2016-9067 is high with a CVSS score of 6.5.

• How does CVE-2016-9067 affect Firefox?

  CVE-2016-9067 affects versions of Firefox that are less than 50.

• How can CVE-2016-9067 be exploited?

  CVE-2016-9067 can be exploited through the use of two use-after-free errors during DOM operations in Firefox.

• How can I fix CVE-2016-9067?

  To fix CVE-2016-9067, update your Firefox version to 50 or later.