Use-after-free vulnerability in Mozilla Firefox and Thunderbird before 16.0 allows remote code execution

Use-after-free vulnerability in Mozilla Firefox and Thunderbird before 16.0 allows remote code execution

CVE-2012-3988 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.