Mozilla Foundation Security Advisory 2011-13
Title: Multiple dangling pointer vulnerabilities
Impact: Critical
Announced: April 28, 2011
Reporter: regenrecht
Products: Firefox, SeaMonkey
Fixed in: Firefox 3.6.17
Firefox 3.5.19
SeaMonkey 2.0.14
Description
Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative.
Firefox 4 was not affected by these issues.
References
Use-after-free vulnerability in OBJECT's mChannel
CVE-2011-0065
Use-after-free vulnerability in OBJECT's mObserverList
CVE-2011-0066
nsTreeRange Dangling Pointer Remote Code Execution Vulnerability
CVE-2011-0073