Mozilla

Mozilla Foundation Security Advisory 2016-51

Use-after-free deleting tables from a contenteditable document

Announced
June 7, 2016
Reporter
firehack
Impact
High
Products
Firefox, Firefox ESR
Fixed in
  • Firefox 47
  • Firefox ESR 45.2

Description

Security researcher firehack used the Address Sanitizer tool to discover a use-after-free in contenteditable mode. This occurs when deleting document object model (DOM) table elements created within the editor and results in a potentially exploitable crash.

References