---

Mozilla Patches SVG Animation Remote Code Execution in Firefox and Thunderbird

The vulnerability was, in fact, an use-after-free in Firefox’s SVG Animation code, but it looks like security researchers recently discovered that an exploit could have been built on this security flaw to target Windows users using either Mozilla Firefox or Tor Browser web browsers on the anonymous Tor network. Mozilla was quick to patch the security vulnerability in the latest versions of its Firefox, Firefox ESR (Extended Support Release), and Thunderbird products, and released Mozilla Firefox 50.0.2, Mozilla Firefox ESR 45.5.1, and Mozilla Thunderbird 45.5.1 for all supported platforms, including Linux, Mac, and Windows.