You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-17

Mozilla Foundation Security Advisory 2012-17

Title: Crash when accessing keyframe cssText after dynamic modification
Impact: Critical
Announced: March 13, 2012
Reporter: Daniel Glazman
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 11.0
  Firefox ESR 10.0.3
  Thunderbird 11.0
  Thunderbird ESR 10.0.3
  SeaMonkey 2.8

Description

Mozilla community member Daniel Glazman of Disruptive Innovations reported a crash when accessing a keyframe's cssText after dynamic modification. This crash may be potentially exploitable.

Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability.

References