Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.

References

• https://nvd.nist.gov/vuln/detail/CVE-2010-3180
• https://bugzilla.mozilla.org/show_bug.cgi?id=588929
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12158
• http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html
• http://secunia.com/advisories/42867
• http://support.avaya.com/css/P8/documents/100114250
• http://support.avaya.com/css/P8/documents/100120156
• http://www.debian.org/security/2010/dsa-2124
• http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
• http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
• http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
• http://www.redhat.com/support/errata/RHSA-2010-0780.html
• http://www.redhat.com/support/errata/RHSA-2010-0781.html
• http://www.redhat.com/support/errata/RHSA-2010-0782.html
• http://www.redhat.com/support/errata/RHSA-2010-0861.html
• http://www.redhat.com/support/errata/RHSA-2010-0896.html
• http://www.securityfocus.com/bid/44248
• http://www.ubuntu.com/usn/USN-997-1
• http://www.ubuntu.com/usn/USN-998-1
• http://www.vupen.com/english/advisories/2011/0061