nessus Tenable 6109.PRM
History: Dec 21, 2011 - 12:00 a.m.

Mozilla Firefox < 9.0 Multiple Vulnerabilities

2011-12-21 00:00:00
Tenable
www.tenable.com

CVSS2: 10 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.955 High
Percentile: 99.4%

Versions of Firefox prior to 9.0 are affected by the following security issues:

  • An out-of-bounds memory access error exists in the ‘SVG’ implementation and can be triggered when ‘SVG’ elements are removed during a ‘DOMAttrModified’ event handler. (CVE-2011-3658)
  • Various memory safety errors exist that can lead to memory corruption and possible code execution. (CVE-2011-3660)
  • An error exists in the ‘YARR’ regular expression library that can cause application crashes when handling certain JavaScript statements. (CVE-2011-3661)
  • It is possible to detect keystrokes using ‘SVG’ animation ‘accesskey’ events even when JavaScript is disabled. (CVE-2011-3663)
  • An error exists related to plugins that can allow a null pointer to be dereferenced when a plugin deletes its containing DOM frame during a call from that frame. It may be possible for a non-null pointer to be dereferenced, thereby opening up the potential for further exploitation. (CVE-2011-3664)
  • It is possible to crash the application when OGG ‘video’ elements are scaled to extreme sizes. (CVE-2011-3665)
Binary data 6109.prm
Vendor   Product  Version  CPE
mozilla  firefox           cpe:/a:mozilla:firefox
