Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

CVE-2011-2378 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer."

Learn more about our Cis Benchmark Audit For Mozilla Firefox.