CVE-2011-0084 (retired)

Priority
Description
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before
3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions
before 6; SeaMonkey 2.x before 2.3; and possibly other products does not
properly handle SVG text, which allows remote attackers to execute
arbitrary code via unspecified vectors that lead to a "dangling pointer."
Assigned-to
micahg
Package
Upstream:released (6.0)
Package
Upstream:needs-triage (Ubuntu source uses 3.6.x)
Package
Upstream:needs-triage (Ubuntu source uses 3.6.x)
Package
Upstream:not-affected
Package
Upstream:released (3.1.12, 6.0)
Package
Upstream:released (1.9.2.20)
Package
Upstream:needed
More Information

Updated: 2019-03-26 11:54:47 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)