5 matches found
Mozilla Dangling pointer vulnerability in nsPluginArray
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of servi...
Mozilla Dangling pointer vulnerability in nsPluginArray
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of servi...
Mozilla Foundation Security Advisory 2010-19
Mozilla Foundation Security Advisory 2010-19 Title: Dangling pointer vulnerability in nsPluginArray Impact: Critical Announced: March 30, 2010 Reporter: regenrecht via TippingPoint's Zero Day Initiative Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.2 Firefox 3.5.9 Firefox 3.0.19 SeaMonkey...
Mozilla Dangling pointer vulnerability in nsPluginArray
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of servi...
Dangling pointer vulnerability in nsPluginArray — Mozilla
Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could resu...