Mozilla Foundation Security Advisory 2010-73
Title: Heap buffer overflow mixing document.write and DOM insertion
Announced: October 27, 2010
Reporter: Morten Kråkvik
Products: Firefox, Thunderbird, SeaMonkey
Fixed in: Firefox 3.6.12
Morten Kråkvik of Telenor SOC reported an exploit targeting particular versions of Firefox 3.6 on Windows XP that Telenor found while investigating an intrusion attempt on a customer network. The underlying vulnerability, however, was present on both the Firefox 3.5 and Firefox 3.6 development branches and affected all supported platforms.