Mozilla Foundation Security Advisory 2013-98

Use-after-free when updating offline cache

Announced
October 29, 2013
Reporter
Byoungyoung Lee
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 25
  • Firefox ESR 17.0.10
  • Firefox ESR 24.1
  • SeaMonkey 2.22
  • Thunderbird 24.1
  • Thunderbird ESR 17.0.10

Description

Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash.

In general this flaw cannot be exploited through email in the Thunderbird and Seamonkey products because scripting is disabled, but is potentially a risk in browser or browser-like contexts.

References