Mozilla Foundation Security Advisory 2012-17

Crash when accessing keyframe cssText after dynamic modification

Announced
March 13, 2012
Reporter
Daniel Glazman
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 11
  • Firefox ESR 10.0.3
  • SeaMonkey 2.8
  • Thunderbird 11
  • Thunderbird ESR 10.0.3

Description

Mozilla community member Daniel Glazman of Disruptive Innovations reported a crash when accessing a keyframe's cssText after dynamic modification. This crash may be potentially exploitable.

Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability.

References