Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2010-28

Freed object reuse across plugin instances

Announced
June 22, 2010
Reporter
Microsoft Vulnerability Research
Impact
Critical
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 3.5.10
  • Firefox 3.6.4
  • SeaMonkey 2.0.5

Description

Microsoft Vulnerability Research reported that two plugin instances could interact in a way in which one plugin gets a reference to an object owned by a second plugin and continues to hold that reference after the second plugin is unloaded and its object is destroyed. In these cases, the first plugin would contain a pointer to freed memory which, if accessed, could be used by an attacker to execute arbitrary code on a victim's computer.

References