[Full-disclosure] ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability

ZDI-06-051: Mozilla Firefox SVG Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-051.html December 19, 2006 -- CVE ID: CVE-2006-6504 -- Affected Vendor: Mozilla -- Affected Products: Mozilla Firefox 2.0.0.0 Mozilla Firefox 1.5.0.4 - 1.5.0.8 --...

Mozilla Firefox SVG Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the browser's handling of SVG comment objects...