Closed
Bug 1321100
Opened 8 years ago
Closed 8 years ago
Claim of SVG animation-related RCE bug in Tor Browser
Categories
(Core :: SVG, defect)
RESOLVED
DUPLICATE
of bug 1321066
People
(Reporter: schoen, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Build ID: 20161114144739
Steps to reproduce:
A message was just sent to the public tor-talk mailing list containing purported exploit PoC code for a remote code execution vulnerability in Tor Browser. The code is fairly detailed, which made me doubt that it was a hoax, although it could conceivably be related to something that's already known or fixed upstream in Firefox. The message claims that the vulnerability is being exploited in the wild.
The vulnerability appears to relate somehow to SVG animations.
The message in question appears at
https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html
I've also written to security@mozilla.org about this.
Updated•8 years ago
Group: firefox-core-security → core-security
Component: Untriaged → SVG
Product: Firefox → Core
Comment 1•8 years ago
This is already being tracked in bug 1321066.
Updated•8 years ago
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Comment 3•8 years ago
(Thanks for the report, in any case! Good to have security bugs reported/tracked ASAP.)
Reporter
Comment 4•8 years ago
Thanks! I also got a reply by e-mail from the security list and saw a follow-up on tor-talk indicating that it was previously reported to Mozilla. I'm happy to know that Mozilla is already on top of it.
Comment 5•8 years ago
(In reply to Seth Schoen from comment #4)
> I'm happy to know that Mozilla is already on top of it.
Only because someone like you reported it to us -- so thanks again for doing that.
Updated•8 years ago
Group: core-security