Mozilla Foundation Security Advisory 2012-94

Crash when combining SVG text on path with CSS

Announced
November 20, 2012
Reporter
Jonathan Stephens
Impact
Critical
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 17
  • SeaMonkey 2.14
  • Thunderbird 17

Description

Security researcher Jonathan Stephens discovered that combining SVG text on a path with the setting of CSS properties could lead to a potentially exploitable crash.

References