You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-14

Mozilla Foundation Security Advisory 2012-14

Title: SVG issues found with Address Sanitizer
Impact: Critical
Announced: March 13, 2012
Reporter: Atte Kettunen
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 11.0
  Firefox ESR 10.0.3
  Firefox 3.6.28
  Thunderbird 11.0
  Thunderbird ESR 10.0.3
  Thunderbird 3.1.20
  SeaMonkey 2.8

Description

Security researcher Atte Kettunen from OUSPG found two issues with Firefox's handling of SVG using the Address Sanitizer tool. The first issue, critically rated, is a use-after-free in SVG animation that could potentially lead to arbitrary code execution. The second issue is rated moderate and is an out of bounds read in SVG Filters. This could potentially incorporate data from the user's memory, making it accessible to the page content.

References