Think you have a false positive on this rule?

Sid 1-40896


BROWSER-FIREFOX Mozilla Firefox ESR NotifyTimeChange use after free attempt


This event is generated when an attacker attempts to exploit a use after free vulnerability affecting Mozilla Firefox.


Attempted User Privilege Gain

Detailed information

This rule checks for an attempt to trigger a use after free vulnerability in Firefox's handling of SVG animations.

Affected systems

  • Mozilla Firefox versions < 50.0.2
  • Mozilla Thunderbird versions <= 45.4
  • Tor Browser < 6.0.7

Ease of attack

Simple; exploits are publicly-available

False positives

None Known

False negatives

None Known

Corrective action

Implement vendor-supplied patches


  • Cisco's Talos Intelligence Group

Additional References