Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2011-57

Crash when plugin removes itself on Mac OS X

Announced
December 20, 2011
Reporter
Richard Bateman
Impact
High
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 9
  • SeaMonkey 2.6
  • Thunderbird 9

Description

FireBreath developer Richard Bateman reported a crash on Mac OS X that occurred when a plugin deletes its containing DOM frame during a call from that frame. The observed symptom is a null dereference but we cannot rule out the possibility that content from a scriptable plugin such as Flash could find a way to dereference a more useful address and exploit it.

References