Issue
A null pointer dereference in the content layout component of Firefox allows an attacker to crash the browser when a user navigates to a malicious page.
Impact
If a user browses to a malicious page that takes advantage of this vulnerability, the browser will crash. A feature in Firefox called Session Restore will restore the browser session when Firefox is restarted and will likely save user typed content in text areas as well. This feature is designed to save users’ work in the event of a crash or browser restart.
Status
This issue is currently under investigation. Mozilla has assigned this bug an initial severity rating of low because of the minimal security risk to users.
Credit
Radware reported this issue to Mozilla.
Sam Hasler wrote on
Jesse Ruderman wrote on
Mook wrote on
Window Snyder wrote on
Thomas Jedenfelt wrote on
Security Software Developer wrote on
.NET Component Library wrote on
Dicks wrote on
loren salmonson wrote on
Hari Krish wrote on
BigD wrote on
Ann froshaug wrote on
catrina williams wrote on
Daniel Veditz wrote on
Peter wrote on