Endpoint Vulnerability

Use-after-free in serializeToStream

Description

Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free in XMLSerializer by the exposing of serializeToStream to web content. This can lead to arbitrary code execution when exploited.

Affected Products

Firefox,Firefox ESR

References

CVE-2013-0753,