Use-after-free while manipulating HTML media content
- September 22, 2015
- Firefox, Firefox ESR, Firefox OS, SeaMonkey, Thunderbird
- Fixed in
- Firefox 41
- Firefox ESR 38.3
- Firefox OS 2.5
- SeaMonkey 2.38
- Thunderbird 38.3
An anonymous researcher reported, via HP's Zero Day Initiative, a use-after-free vulnerability with HTML media elements on a page during script manipulation of the URI table of these elements. This results in a potentially exploitable crash.
In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.