Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26238
HistoryMay 01, 2011 - 12:00 a.m.

Mozilla Foundation Security Advisory 2011-13

2011-05-0100:00:00
vulners.com
32

Mozilla Foundation Security Advisory 2011-13

Title: Multiple dangling pointer vulnerabilities
Impact: Critical
Announced: April 28, 2011
Reporter: regenrecht
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.6.17
Firefox 3.5.19
SeaMonkey 2.0.14
Description

Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative.

Firefox 4 was not affected by these issues.
References

Use-after-free vulnerability in OBJECT's mChannel
CVE-2011-0065

Use-after-free vulnerability in OBJECT's mObserverList
CVE-2011-0066

nsTreeRange Dangling Pointer Remote Code Execution Vulnerability
CVE-2011-0073