The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 8.0 (including) | 8.0 (including) |
Seamonkey | Mozilla | 2.5 (including) | 2.5 (including) |
Thunderbird | Mozilla | 8.0 (including) | 8.0 (including) |
Firefox | Ubuntu | hardy | * |
Firefox | Ubuntu | lucid | * |
Firefox | Ubuntu | maverick | * |
Firefox | Ubuntu | natty | * |
Firefox | Ubuntu | oneiric | * |
Seamonkey | Ubuntu | hardy | * |
Seamonkey | Ubuntu | lucid | * |
Seamonkey | Ubuntu | maverick | * |
Seamonkey | Ubuntu | natty | * |
Seamonkey | Ubuntu | oneiric | * |
Thunderbird | Ubuntu | hardy | * |
Thunderbird | Ubuntu | lucid | * |
Thunderbird | Ubuntu | maverick | * |
Thunderbird | Ubuntu | natty | * |
Thunderbird | Ubuntu | oneiric | * |
Thunderbird | Ubuntu | upstream | * |
Xulrunner-1.9.2 | Ubuntu | hardy | * |
Xulrunner-1.9.2 | Ubuntu | lucid | * |
Xulrunner-1.9.2 | Ubuntu | maverick | * |
Xulrunner-1.9.2 | Ubuntu | natty | * |
Xulrunner-2.0 | Ubuntu | natty | * |