Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x prior to 2.0.0.2, Thunderbird prior to 1.5.0.10, and SeaMonkey prior to 1.0.8 allows remote malicious users to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla seamonkey |
||
mozilla thunderbird |
||
mozilla firefox |