CVE-2013-0752 (firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.