Skip to main content

Mozilla Firefox Node Scope Confusion Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 7 Apr 2010 5348 Views

RISK: Medium Risk

A vulnerability has been identified in Mozilla Firefox, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a use-after-free error when moving DOM nodes between documents, which could allow attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a specially crafted web page.


Impact

  • Remote Code Execution

System / Technologies affected

  • Mozilla Firefox versions prior to 3.6.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Mozilla Firefox version 3.6.3 :
http://www.mozilla.com/firefox/


Vulnerability Identifier


Source