Mozilla Firefox/Thunderbird/SeaMonkey SVG Polygon Parsing Remote Code Execution Vulnerability

Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a remote code-execution vulnerability.

The issue occurs when parsing SVG polygon objects and can be exploited to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

NOTE: This issue was previously discussed in BID 48354 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-19 through -28 Multiple Vulnerabilities) but has been given its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus