Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2009-49

TreeColumns dangling pointer vulnerability

Announced
September 9, 2009
Reporter
TippingPoint ZDI
Impact
Critical
Products
Firefox
Fixed in
  • Firefox 3.0.14
  • Firefox 3.5.3

Description

An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.

References