CVE-2011-0065 | Vulnerability Database | Aqua Security

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECTs mChannel.

Affected Software

Name	Vendor	Start Version	End Version
Firefox	Mozilla	3.6 (including)	3.6 (including)
Firefox	Mozilla	3.6.2 (including)	3.6.2 (including)
Firefox	Mozilla	3.6.3 (including)	3.6.3 (including)
Firefox	Mozilla	3.6.4 (including)	3.6.4 (including)
Firefox	Mozilla	3.6.6 (including)	3.6.6 (including)
Firefox	Mozilla	3.6.7 (including)	3.6.7 (including)
Firefox	Mozilla	3.6.8 (including)	3.6.8 (including)
Firefox	Mozilla	3.6.9 (including)	3.6.9 (including)
Firefox	Mozilla	3.6.10 (including)	3.6.10 (including)
Firefox	Mozilla	3.6.11 (including)	3.6.11 (including)
Firefox	Mozilla	3.6.12 (including)	3.6.12 (including)
Firefox	Mozilla	3.6.13 (including)	3.6.13 (including)
Firefox	Mozilla	3.6.14 (including)	3.6.14 (including)
Firefox	Mozilla	3.6.15 (including)	3.6.15 (including)
Firefox	Mozilla	3.6.16 (including)	3.6.16 (including)

References

http://downloads.avaya.com/css/P8/documents/100144158
http://securityreason.com/securityalert/8326
http://securityreason.com/securityalert/8331
http://securityreason.com/securityalert/8340
http://www.debian.org/security/2011/dsa-2227
http://www.debian.org/security/2011/dsa-2228
http://www.debian.org/security/2011/dsa-2235
http://www.mandriva.com/security/advisories?name=MDVSA-2011:079
http://www.mozilla.org/security/announce/2011/mfsa2011-13.html
https://bugzilla.mozilla.org/show_bug.cgi?id=634986
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14142

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-0065
CWE	https://cwe.mitre.org/data/definitions/399.html