Fri, Apr 2 2010 5:59
Don
Mozilla Releases Firefox 3.6.3
Fixed in: Firefox 3.6.3
Description
A memory corruption flaw leading to code execution was reported by
security researcher Nils of MWR InfoSecurity during the
2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative.
By moving DOM nodes between documents Nils found a case where the moved
node incorrectly retained its old scope. If garbage collection could
be triggered at the right time then Firefox would later use this freed
object.
Advisory Details
Get it here
Filed under: News