Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2013-82

Calling scope for new Javascript objects can lead to memory corruption

Announced
September 17, 2013
Reporter
Ms2ger
Impact
High
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 24
  • Firefox ESR 17.0.9
  • SeaMonkey 2.21
  • Thunderbird 24
  • Thunderbird ESR 17.0.9

Description

Mozilla community member Ms2ger found a mechanism where a new Javascript object with a compartment is uninitialized could be entered through web content. When the scope for this object is called, it leads to a potentially exploitable crash.

In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.

References