Mozilla Foundation Security Advisory 2011-44

Type securityvulns
Reporter Securityvulns
Modified 2011-10-01T00:00:00


Mozilla Foundation Security Advisory 2011-44

Title: Use after free reading OGG headers Impact: Critical Announced: September 27, 2011 Reporter: sczimmer Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 7.0 Thunderbird 7.0 SeaMonkey 2.4 Description

sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware.

This vulnerability does not affect Firefox 3.6 or earlier.

References CVE-2011-3005