Mozilla Foundation Security Advisory 2012-87

Use-after-free in the IME State Manager

Announced
October 9, 2012
Reporter
miaubiz
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 16
  • Firefox ESR 10.0.8
  • SeaMonkey 2.13
  • Thunderbird 16
  • Thunderbird ESR 10.0.8

Description

Security researcher miaubiz used the Address Sanitizer tool to discover a use-after-free in the IME State Manager code. This could lead to a potentially exploitable crash.

In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products.

References