This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the obj_toSource function of jsobj.cpp. When crafting a javascript proxy object, an attacker can specially craft Handler methods to cause a use-after-free vulnerability. When the proxy object is successfully created, a call to the toSource function will lead to a dangling pointer condition. An attacker can leverage this vulnerability to execute code under the context of the running process.