Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 3.0.7 (including) | 3.0.7 (including) |