oss-sec mailing list archives
CVE request: DoS loading a SVG in Firefox
From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Thu, 6 Oct 2016 12:09:05 -0300
Hello, Some months ago, we found that just loading this image: https://dcc.fceia.unr.edu.ar/~ggrieco/oom.svg (518K) will cause Firefox to consume all your memory. Once you click, you cannot stop the memory constant memory leak. It can take a few minutes (we tested in a desktop computer with 16GB). At the end, Firefox will abort or it will be terminated by the OS. At least Firefox 49 and 51 in several platforms are affected. A report in the Mozilla bug tracker was filled: https://bugzilla.mozilla.org/show_bug.cgi?id=1297206 Please assign a CVE if suitable. Regards, Gustavo.
Current thread:
- CVE request: DoS loading a SVG in Firefox Gustavo Grieco (Oct 06)
- Re: CVE request: DoS loading a SVG in Firefox Gustavo Grieco (Oct 26)
- Re: CVE request: DoS loading a SVG in Firefox cve-assign (Nov 26)
- Re: CVE request: DoS loading a SVG in Firefox Gustavo Grieco (Oct 26)