CVE-2011-0083

Priority
Medium
Description
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function
in the implementation of SVG element lists in Mozilla Firefox before
3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows
remote attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via vectors involving a user-supplied
callback.
References
Package
Upstream:ignored (Ubuntu source uses 3.6.x)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6.18)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:ignored (Ubuntu source uses 3.6.x)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (2.1 not-affected)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.1.11)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:not-affected
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (1.9.2.18)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:39:18 UTC (commit 9756)