Two heap-use-after-free errors during DOM operations in nsINode::ReplaceOrInsertBefore resulting in potentially exploitable crashes.
Two heap-use-after-free errors during DOM operations in nsINode::ReplaceOrInsertBefore resulting in potentially exploitable crashes.
https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/#CVE-2016-9067