New Search

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.

oval:org.mitre.oval:def:10924

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 4
  • Oracle Linux 5
  • Red Hat Enterprise Linux 4
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2010-1121
Product(s):