Mozilla Foundation Security Advisory 2013-100

Miscellaneous use-after-free issues found through ASAN fuzzing

Announced
October 29, 2013
Reporter
Nils
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 25
  • Firefox ESR 17.0.10
  • Firefox ESR 24.1
  • SeaMonkey 2.22
  • Thunderbird 24.1
  • Thunderbird ESR 17.0.10

Description

Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in the browsing engine that lead to use-after-frees. This can lead to a potentially exploitable crash.

In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts.
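
The bug class named in the description, a missing strong reference, shown next to its fix in an added illustration that is not Mozilla's code and is not taken from the affected products. `std::shared_ptr` stands in for the engine's reference-counted pointers, and `Node`, `Document` and both function names are constructed for this example.

```cpp
#include <functional>
#include <memory>

// Constructed stand-in for a reference-counted engine object.
struct Node {
    int value = 42;
};

// Owner whose reference a callback (for example, script that runs in the
// middle of an operation) is able to clear.
struct Document {
    std::shared_ptr<Node> child = std::make_shared<Node>();
};

// Missing strong reference: only a raw pointer is held across the callback.
// Returns true if the object is still alive afterwards. Liveness is observed
// through a weak_ptr, so the raw pointer is never dereferenced here.
bool survives_with_raw_pointer(Document& doc, const std::function<void()>& callback) {
    Node* raw = doc.child.get();            // no ownership taken
    std::weak_ptr<Node> probe = doc.child;  // observer only, does not keep it alive
    callback();                             // may drop the last strong reference
    (void)raw;                              // touching *raw now would be a use-after-free
    return !probe.expired();
}

// Fix: take a strong reference before calling out, so the object outlives
// anything the callback does to the owner.
bool survives_with_strong_ref(Document& doc, const std::function<void()>& callback) {
    std::shared_ptr<Node> keep_alive = doc.child;  // reference count +1
    std::weak_ptr<Node> probe = doc.child;
    callback();
    return !probe.expired() && keep_alive->value == 42;  // still safe to use
}

int main() {
    Document a, b;
    // The callback releases the owner's reference in both cases.
    bool raw_ok = survives_with_raw_pointer(a, [&] { a.child.reset(); });
    bool strong_ok = survives_with_strong_ref(b, [&] { b.child.reset(); });
    return (!raw_ok && strong_ok) ? 0 : 1;
}
```

Building code like this with Address Sanitizer (`-fsanitize=address`), the tool credited in this advisory, reports a heap-use-after-free at the point where a freed object is actually dereferenced.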
