Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2011-18

XSLT generate-id() function heap address leak

Announced
April 28, 2011
Reporter
Chris Evans
Impact
Low
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 3.5.19
  • Firefox 3.6.17
  • Firefox 4.0.1
  • SeaMonkey 2.0.14

Description

Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system.