Mozilla Foundation Security Advisory 2011-19
Title: Miscellaneous memory safety hazards (rv:3.0/18.104.22.168)
Announced: June 21, 2011
Reporter: Mozilla developers and community
Products: Firefox, Thunderbird, SeaMonkey
Fixed in: Firefox 5
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger reported memory safety problems that were fixed in clients based on mozilla5 and mozilla-1.9.2 (e.g. Firefox 5 and Firefox 3.6.18 respectively).
Bas Schouten, Igor Bukanov, Jesse Ruderman, Bill McCloskey, Olli Pettay, Gary Kwong, Daniel Veditz and Marcia Knous reported memory safety problems that were fixed in Firefox 5 and SeaMonkey 2.2. These vulnerabilities did not affect versions prior to Firefox 4 and SeaMonkey 2.1
Rh0 reported a crash that was fixed in the browser engine used by Firefox 3.6.18 and Thunderbird 3.1 and did not affect higher versions.
secenv reported a crash that was fixed in the browser engine used by Firefox 3.6.18 and Thunderbird 3.1.11 and did not affect higher versions.