Use-after-free vulnerability in Mozilla Firefox 10.x prior to 10.0.1, Thunderbird 10.x prior to 10.0.1, and SeaMonkey 2.7 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 10.0 |
||
mozilla thunderbird 10.0 |
||
mozilla seamonkey 2.7 |