Mozilla products are vulnerable to memory corruption via simultaneous XPCOM events. This may allow a remote attacker to execute arbitrary code on a vulnerable system.
XPCOM events that occur simultaneously can trigger the use of a deleted timer object, which can cause memory corruption.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. The attacker could also cause the vulnerable application to crash.
This vulnerability was reported by the Mozilla Foundation, who in turn credit Secunia Research.
|Date First Published:||2006-07-27|
|Date Last Updated:||2007-02-09 14:06 UTC|