Miscellaneous memory safety hazards (rv:3.0/126.96.36.199)
- June 21, 2011
- Mozilla developers and community
- Firefox, SeaMonkey, Thunderbird
- Fixed in
- Firefox 3.6.18
- Firefox 5
- SeaMonkey 2.2
- Thunderbird 3.1.11
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Bob Clary, Kevin Brosnan, Nils, Gary Kwong, Jesse Ruderman and Christian Biesinger reported memory safety problems that were fixed in clients based on mozilla5 and mozilla-1.9.2 (e.g. Firefox 5 and Firefox 3.6.18 respectively).
Bas Schouten, Igor Bukanov, Jesse Ruderman, Bill McCloskey, Olli Pettay, Gary Kwong, Daniel Veditz and Marcia Knous reported memory safety problems that were fixed in Firefox 5 and SeaMonkey 2.2. These vulnerabilities did not affect versions prior to Firefox 4 and SeaMonkey 2.1
Rh0 reported a crash that was fixed in the browser engine used by Firefox 3.6.18 and Thunderbird 3.1 and did not affect higher versions.
secenv reported a crash that was fixed in the browser engine used by Firefox 3.6.18 and Thunderbird 3.1.11 and did not affect higher versions.