Added: 08/22/2011
CVE: CVE-2011-0065
BID: 47659
OSVDB: 72085
Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.
A use-after-free vulnerability allows command execution when a user loads a specially crafted web page that causes an **OnChannelRedirect**
method call on an object with an unassigned mChannel, resulting in a dangling pointer.
Upgrade to Firefox 3.5.19 or 3.6.17 or higher.
<http://www.mozilla.org/security/announce/2011/mfsa2011-13.html>
Exploit works on Mozilla Foundation Firefox 3.6.16 on Microsoft Windows XP SP3 English (DEP OptIn) with KB959426.
The user must open the exploit page in Firefox.
Windows