Use-after-free vulnerability in HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution or denial of service

Use-after-free vulnerability in HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution or denial of service

CVE-2013-1724 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.