CVE-2011-3671

Mozilla Firefox <9 - Use After Free

Title source: llm
STIX 2.1

Description

Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element.

References (2)

Core 2
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=739343

Scores

EPSS 0.0185
EPSS Percentile 76.7%

Details

CWE
CWE-399
Status published
Products (30)
mozilla/firefox 4.0 (13 CPE variants)
mozilla/firefox 4.0.1
mozilla/firefox 5.0
mozilla/firefox 5.0.1
mozilla/firefox 6.0
mozilla/firefox 6.0.1
mozilla/firefox 6.0.2
mozilla/firefox 7.0
mozilla/firefox 7.0.1
mozilla/firefox 8.0
... and 20 more
Published Jun 18, 2012
Tracked Since Feb 18, 2026