Use-after-free error using Web Workers

2011-03-01T00:00:00
ID MFSA2011-06
Type mozilla
Reporter Mozilla Foundation
Modified 2011-03-01T00:00:00

Description

Daniel Kozlowski reported that a JavaScript Worker could be used to keep a reference to an object that could be freed during garbage collection. Subsequent calls through this deleted reference could cause attacker-controlled memory to be executed on a victim's computer.