Firefox Firefox ESR and Thunderbird are vulnerable to privilege escalation. A remote user can create a specially crafted SVG image that, when loaded by the target user, will access restricted external resources via ‘data:’ URLs. The affected component is SVG Image Handler
.
rhn.redhat.com/errata/RHSA-2016-2946.html
rhn.redhat.com/errata/RHSA-2016-2973.html
www.securityfocus.com/bid/94885
www.securitytracker.com/id/1037461
access.redhat.com/errata/RHSA-2016:2973
access.redhat.com/security/updates/classification/#important
bugzilla.mozilla.org/show_bug.cgi?id=1319122
security.gentoo.org/glsa/201701-15
www.debian.org/security/2017/dsa-3757
www.mozilla.org/security/advisories/mfsa2016-94/
www.mozilla.org/security/advisories/mfsa2016-95/
www.mozilla.org/security/advisories/mfsa2016-96/