Информационная безопасность
[RU] switch to English


Дополнительная информация

  Многочисленные уязвимости безопасности в Mozilla Firefox / Seamonkey

  ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability

  Mozilla Foundation Security Advisory 2010-33

  Mozilla Foundation Security Advisory 2010-32

  Mozilla Foundation Security Advisory 2010-31

From:MOZILLA
Date:25 июня 2010 г.
Subject:Mozilla Foundation Security Advisory 2010-27

Mozilla Foundation Security Advisory 2010-27

Title: Use-after-free error in nsCycleCollector::MarkRoots()
Impact: Critical
Announced: June 22, 2010
Reporter: wushi
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.5.10
 SeaMonkey 2.0.5
Description

Security researcher wushi of team509 reported that the frame construction process for certain types of menus could result in a menu containing a pointer to a previously freed menu item. During the cycle collection process, this freed item could be accessed, resulting in the execution of a section of code potentially controlled by an attacker.
References

   * https://bugzilla.mozilla.org/show_bug.cgi?id=557174
   * CVE-2010-0183

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород