Security researcher PenPal reported a crash
involving a SVG element on which a watch
function
and __defineSetter__
function have been set for a
particular property. The crash showed evidence of memory corruption
and could potentially be used by an attacker to run arbitrary code on
a victim's computer.
Disable JavaScript until a version containing these fixes can be installed.