You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2010-58

Mozilla Foundation Security Advisory 2010-58

Title: Crash on Mac using fuzzed font in data: URL
Impact: Critical
Announced: September 7, 2010
Reporter: Marc Schoenefeld
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.6.9
  Firefox 3.5.12
  Thunderbird 3.1.3
  Thunderbird 3.0.7
  SeaMonkey 2.0.7


Security researcher Marc Schoenefeld reported that a specially crafted font could be applied to a document and cause a crash on Mac systems. The crash showed signs of memory corruption and presumably could be used by an attacker to execute arbitrary code on a victim's computer.