Mozilla Foundation Security Advisory 2009-54

2009-10-28T00:00:00
ID SECURITYVULNS:DOC:22697
Type securityvulns
Reporter Securityvulns
Modified 2009-10-28T00:00:00

Description

Mozilla Foundation Security Advisory 2009-54

Title: Crash with recursive web-worker calls Impact: Critical Announced: October 27, 2009 Reporter: Orlando Berrera Products: Firefox 3.5

Fixed in: Firefox 3.5.4 Description

Security researcher Orlando Berrera of Sec Theory reported that recursive creation of JavaScript web-workers can be used to create a set of objects whose memory could be freed prior to their use. These conditions often result in a crash which could potentially be used by an attacker to run arbitrary code on a victim's computer.

Web Workers were introduced in Firefox 3.5 so this vulnerability did not affect earlier releases such as Firefox 3. References

* https://bugzilla.mozilla.org/show_bug.cgi?id=514554
* CVE-2009-3371