Mozilla Foundation Security Advisory 2016-51
Use-after-free deleting tables from a contenteditable document
- June 7, 2016
- Firefox, Firefox ESR
- Fixed in
- Firefox 47
- Firefox ESR 45.2
Security researcher firehack used the Address Sanitizer tool to discover a use-after-free in contenteditable mode. This occurs when deleting document object model (DOM) table elements created within the editor and results in a potentially exploitable crash.