logo
DATABASE RESOURCES PRICING ABOUT US

Mozilla Foundation Security Advisory 2010-66

Description

Mozilla Foundation Security Advisory 2010-66 Title: Use-after-free error in nsBarProp Impact: Critical Announced: October 19, 2010 Reporter: Sergey Glazunov Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.11 Firefox 3.5.14 Thunderbird 3.1.5 Thunderbird 3.0.9 SeaMonkey 2.0.9 Description Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window's memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property could result in the execution of attacker-controlled memory. References * https://bugzilla.mozilla.org/show_bug.cgi?id=588929 * CVE-2010-3180


Related