You are here: Known Vulnerabilities in Mozilla Products (Firefox 126.96.36.199) > MFSA 2006-73
Mozilla Foundation Security Advisory 2006-73
Title: Mozilla SVG Processing Remote Code Execution
Announced: December 19, 2006
Reporter: TippingPoint and the Zero Day Initiative
Products: Firefox 188.8.131.52, SeaMonkey
Fixed in: Firefox 184.108.40.206
Appending an SVG comment DOM node from one document into another type of document such as HTML in some cases results in a crash due to memory corruption that can be exploited to run arbitrary code.
This flaw was introduced in the Firefox 220.127.116.11 release, prior versions are unaffected.