CVE-2011-0057 | Vulnerability Database | Aqua Security

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection.

Affected Software

Name	Vendor	Start Version	End Version
Firefox	Mozilla	3.6 (including)	3.6 (including)
Firefox	Mozilla	3.6.2 (including)	3.6.2 (including)
Firefox	Mozilla	3.6.3 (including)	3.6.3 (including)
Firefox	Mozilla	3.6.4 (including)	3.6.4 (including)
Firefox	Mozilla	3.6.6 (including)	3.6.6 (including)
Firefox	Mozilla	3.6.7 (including)	3.6.7 (including)
Firefox	Mozilla	3.6.8 (including)	3.6.8 (including)
Firefox	Mozilla	3.6.9 (including)	3.6.9 (including)
Firefox	Mozilla	3.6.10 (including)	3.6.10 (including)
Firefox	Mozilla	3.6.11 (including)	3.6.11 (including)
Firefox	Mozilla	3.6.12 (including)	3.6.12 (including)
Firefox	Mozilla	3.6.13 (including)	3.6.13 (including)

References

http://downloads.avaya.com/css/P8/documents/100133195
http://www.mandriva.com/security/advisories?name=MDVSA-2011:041
http://www.mozilla.org/security/announce/2011/mfsa2011-06.html
http://www.securityfocus.com/bid/46663
https://bugzilla.mozilla.org/show_bug.cgi?id=626631
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14200

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-0057
CWE	https://cwe.mitre.org/data/definitions/399.html