Use-after-free vulnerability in nsSVGPointList::AppendElement function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote attackers to cause denial of service or execute arbitrary code via user-supplied callback.

Use-after-free vulnerability in nsSVGPointList::AppendElement function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote attackers to cause denial of service or execute arbitrary code via user-supplied callback.

CVE-2011-2363 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.