• Security Center
  • Security Advisories
  • Known Vulnerabilities
  • Bug Bounty
  • Security Blog

You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2011-44

Mozilla Foundation Security Advisory 2011-44

Title: Use after free reading OGG headers
Impact: Critical
Announced: September 27, 2011
Reporter: sczimmer
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 7.0
  Thunderbird 7.0
  SeaMonkey 2.4

Description

sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware.

This vulnerability does not affect Firefox 3.6 or earlier.

References

• https://bugzilla.mozilla.org/show_bug.cgi?id=675747
• CVE-2011-3005