CVE-2009-1827

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox version 3.0.4

Description: The issue allows remote attackers to cause a denial of service, resulting in an application hang. This is achieved by providing a large value in the r attribute of a circle element in the SVG component, which is related to an unclamped loop.

Recommendations: For Mozilla Firefox version 3.0.4, consider avoiding the use of large values in the r attribute of circle elements in SVG components until a fix is available. As a temporary workaround, restrict the rendering of SVG circle elements with large r attribute values to prevent application hangs.