You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-62

Mozilla Foundation Security Advisory 2012-62

Title: WebGL use-after-free and memory corruption
Impact: Critical
Announced: August 28, 2012
Reporter: miaubiz
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 15
  Firefox ESR 10.0.7
  Thunderbird 15
  Thunderbird ESR 10.0.7
  SeaMonkey 2.12

Description

Security researcher miaubiz used the Address Sanitizer tool to discover two WebGL issues. The first issue is a use-after-free when WebGL shaders are called after being destroyed. The second issue exposes a problem with Mesa drivers on Linux, leading to a potentially exploitable crash.

References