Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22454
HistorySep 10, 2009 - 12:00 a.m.

Mozilla Foundation Security Advisory 2009-49

2009-09-1000:00:00
vulners.com
23

Mozilla Foundation Security Advisory 2009-49

Title: TreeColumns dangling pointer vulnerability
Impact: Critical
Announced: September 9, 2009
Reporter: TippingPoint ZDI
Products: Firefox

Fixed in: Firefox 3.5.3
Firefox 3.0.14
Description

An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=506871
* CVE-2009-3077
Related for SECURITYVULNS:DOC:22454