Mozilla Foundation Security Advisory 2011-44

2011-10-01T00:00:00
ID SECURITYVULNS:DOC:27080
Type securityvulns
Reporter Securityvulns
Modified 2011-10-01T00:00:00

Description

Mozilla Foundation Security Advisory 2011-44

Title: Use after free reading OGG headers Impact: Critical Announced: September 27, 2011 Reporter: sczimmer Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 7.0 Thunderbird 7.0 SeaMonkey 2.4 Description

sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware.

This vulnerability does not affect Firefox 3.6 or earlier.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=675747 CVE-2011-3005