| From the Red Hat advisory:
Two use-after-free flaws were found in the Firefox mObserverList and
mChannel objects. Malicious content could use these flaws to execute
arbitrary code with the privileges of the user running Firefox.
(CVE-2011-0066, CVE-2011-0065)
A flaw was found in the way Firefox displayed the autocomplete pop-up.
Malicious content could use this flaw to steal form history information.
(CVE-2011-0067)
A flaw was found in the way Firefox handled certain JavaScript cross-domain
requests. If malicious content generated a large number of cross-domain
JavaScript requests, it could cause Firefox to execute arbitrary code with
the privileges of the user running Firefox. (CVE-2011-0069)
A flaw was found in the Firefox XSLT generate-id() function. This function
returned the memory address of an object in memory, which could possibly be
used by attackers to bypass address randomization protections.
(CVE-2011-1202)
| 