Mozilla Foundation Security Advisory 2010-58

2010-09-10T00:00:00
ID SECURITYVULNS:DOC:24692
Type securityvulns
Reporter Securityvulns
Modified 2010-09-10T00:00:00

Description

Mozilla Foundation Security Advisory 2010-58

Title: Crash on Mac using fuzzed font in data: URL Impact: Critical Announced: September 7, 2010 Reporter: Marc Schoenefeld Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1.3 Thunderbird 3.0.7 SeaMonkey 2.0.7 Description

Security researcher Marc Schoenefeld reported that a specially crafted font could be applied to a document and cause a crash on Mac systems. The crash showed signs of memory corruption and presumably could be used by an attacker to execute arbitrary code on a victim's computer. References

* https://bugzilla.mozilla.org/show_bug.cgi?id=583520
* CVE-2010-2770