Mozilla Foundation Security Advisory 2011-44

Use after free reading OGG headers

Announced
September 27, 2011
Reporter
sczimmer
Impact
Critical
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 7
  • SeaMonkey 2.4
  • Thunderbird 7

Description

sczimmer reported that Firefox crashed when loading a particular .ogg file. This was due to a use-after-free condition and could potentially be exploited to install malware.

This vulnerability does not affect Firefox 3.6 or earlier.

References