Mozilla Foundation Security Advisory 2009-08

Mozilla Foundation Security Advisory 2009-08 Title: Mozilla Firefox XUL Linked Clones Double Free Vulnerability Impact: Critical Announced: March 4, 2009 Reporter: TippingPoint Zero Day Initiative Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.7 Thunderbird 2.0.0.21 SeaMonkey...

Firefox XUL Linked Clones Double Free Vulnerability

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

RHEL 4 / 5 : firefox (RHSA-2009:0315)

The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0315 advisory. - libpng arbitrary free flaw CVE-2009-0040 - Firefox 3 Layout Engine Crashes CVE-2009-0771 - Firefox 2 and 3 - Layout engine crashes...

Mozilla Firefox XUL Linked Clones Double Free Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the browsers garbage collection process...

Mozilla Firefox XUL Linked Clones Double Free Vulnerability — Mozilla

An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla's garbage collection process. The vulnerability was caused by improper memory management of a set of cloned XUL DOM elements which were linked as a parent and child. After reloading the...