Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.
Mozilla Firefox prior to 18.0 contains a use-after-free error in the
**XMLSerializer** when the
**serializeToStream** method is used. A remote attacker who persuades a user to open a crafted web page could execute arbitrary code in the context of the user running the browser.
Upgrade to Mozilla Firefox 18.0 or newer.
This exploit was tested against Mozilla Firefox 17.0.1 on Windows XP SP3 English (DEP OptIn).
The user must open the exploit in a vulnerable version of Firefox.