Mozilla Firefox OBJECT mChannel Use-After-Free

Added: 08/22/2011
CVE: CVE-2011-0065
BID: 47659
OSVDB: 72085

Background

Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.

Problem

A use-after-free vulnerability allows command execution when a user loads a specially crafted web page that causes an OnChannelRedirect method call on an object with an unassigned mChannel, resulting in a dangling pointer.

Resolution

Upgrade to Firefox 3.5.19 or 3.6.17 or higher.

References

http://www.mozilla.org/security/announce/2011/mfsa2011-13.html

Limitations

Exploit works on Mozilla Foundation Firefox 3.6.16 on Microsoft Windows XP SP3 English (DEP OptIn) with KB959426.

The user must open the exploit page in Firefox.

Platforms

Windows

Back to exploit index