Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Oct 2016 12:09:05 -0300
From: Gustavo Grieco <>
Subject: CVE request: DoS loading a SVG in Firefox


Some months ago, we found that just loading this image: (518K)

will cause Firefox to consume all your memory. Once you click, you
cannot stop the memory constant memory leak. It can take a few minutes
(we tested in a desktop computer with 16GB). At the end, Firefox will
abort or it will be terminated by the OS.

At least Firefox 49 and 51 in several platforms are affected. A report
in the Mozilla bug tracker was filled:

Please assign a CVE if suitable.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ