Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2012-38

Use-after-free while replacing/inserting a node in a document

Announced
June 5, 2012
Reporter
Arthur Gerkis
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 13
  • Firefox ESR 10.0.5
  • SeaMonkey 2.10
  • Thunderbird 13
  • Thunderbird ESR 10.0.5

Description

Security researcher Arthur Gerkis used the Address Sanitizer tool to find a use-after-free while replacing/inserting a node in a document. This use-after-free could possibly allow for remote code execution.

References