Use-after-free vulnerability in nsXULCommandDispatcher function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution via crafted XUL document

CVE-2011-0085

Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.