Endpoint Vulnerability

Use-after-free in ListenerManager

Description

Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free within the ListenerManager when garbage collection is forced after data in listener objects have been allocated in some circumstances. This results in a use-after-free which can lead to arbitrary code execution.

Affected Products

Firefox,Firefox ESR

References

CVE-2013-0754,