Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-2710

Source

Mozilla Foundation Security Advisory 2015-48

Buffer overflow with SVG content and CSS

Announced

May 12, 2015

Reporter

Atte Kettunen

Impact

Critical

Products

Firefox, Firefox ESR, Firefox OS, SeaMonkey, Thunderbird

Fixed in

Firefox 38
Firefox ESR 31.7
Firefox OS 2.2
SeaMonkey 2.35
Thunderbird 31.7
Thunderbird 38.0.1

Description

Using the Address Sanitizer tool, security researcher Atte Kettunen found a buffer overflow during the rendering of SVG format graphics when combined with specific CSS properties on a page. This results in a potentially exploitable crash.

In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.

References

Heap-buffer-overflow in SVGTextFrame (CVE-2015-2710)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Buffer overflow with SVG content and CSS

Buffer overflow with SVG content and CSS

Description

References

Vulmon Search

About

Products

Connect