Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

TreeColumns dangling pointer vulnerability

Related Vulnerabilities: CVE-2009-3077  

Source

Mozilla Foundation Security Advisory 2009-49

TreeColumns dangling pointer vulnerability

Announced
September 9, 2009
Reporter
TippingPoint ZDI
Impact
Critical
Products
Firefox
Fixed in
  • Firefox 3.0.14
  • Firefox 3.5.3

Description

An anonymous security researcher, via TippingPoint's Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started