[Bug 253804] [NEW] Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

Alexander Konovalenko alexkon at gmail.com
Thu Jul 31 22:28:40 UTC 2008


*** This bug is a security vulnerability ***

Public security bug reported:

There's an exploit published on July 8, 2008 at
http://www.milw0rm.com/exploits/6029 that says:

"Malicious SVG file DoS

The following applications were tested in their latest revisions:
Firefox's "browse for file, preview" object on linux: affected
evince on linux: affected
eog on linux: affected
gimp on linux: affected
inkscape on linux: unaffected
Microsoft Visio on windows: unaffected

It is unknown at this time whether code execution is possible..."

Unfortunately I currently lack the resources to verify the existence of
the vulnerability.

WARNING: the .zip file might harm your computer. Don't open it on your
normal machine.

A more or less safe way to test it would be to physically disconnect any
important devices (all hard disks, network connections to any networks
that trust your machine, etc.) and to boot from a live CD. But you
should still know what you're doing.

** Affects: eog (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: evince (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: firefox (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: firefox-3.0 (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: gimp (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** Changed in: firefox-3.0 (Ubuntu)
Sourcepackagename: None => firefox-3.0

** Also affects: firefox (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: evince (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: eog (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: gimp (Ubuntu)
   Importance: Undecided
       Status: New

-- 
Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more
https://bugs.launchpad.net/bugs/253804
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in ubuntu.




More information about the Ubuntu-mozillateam-bugs mailing list