Issue
A null pointer dereference in the content layout component of Firefox allows an attacker to crash the browser when a user navigates to a malicious page.
Impact
If a user browses to a malicious page that takes advantage of this vulnerability, the browser will crash. A feature in Firefox called Session Restore will restore the browser session when Firefox is restarted and will likely save user typed content in text areas as well. This feature is designed to save users’ work in the event of a crash or browser restart.
Status
This issue is currently under investigation. Mozilla has assigned this bug an initial severity rating of low because of the minimal security risk to users.
Credit
Radware reported this issue to Mozilla.
Sam Hasler
wrote on
Jesse Ruderman
wrote on
Mook
wrote on
Window Snyder
wrote on
Thomas Jedenfelt
wrote on
Security Software Developer
wrote on
.NET Component Library
wrote on
Dicks
wrote on
loren salmonson
wrote on
Hari Krish
wrote on
BigD
wrote on
Ann froshaug
wrote on
catrina williams
wrote on
Daniel Veditz
wrote on
Peter
wrote on