You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2011-20

Mozilla Foundation Security Advisory 2011-20

Title: Use-after-free vulnerability when viewing XUL document with script disabled
Impact: Critical
Announced: June 21, 2011
Reporter: Martin Barbella
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 5
  Firefox 3.6.18
  Thunderbird 3.1.11
  SeaMonkey 2.2

Description

Security researcher Martin Barbella reported that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. This flaw could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer.

XUL document support was disabled by default in Firefox 4 and SeaMonkey 2.1 and users of those versions are not generally at risk. It is possible for add-ons to re-enable the feature for specific sites (for example, to support a legacy intranet XUL application) which would have introduced this vulnerability while browsing those sites.

References