VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error in the "setUserData()" method within the "nsHTMLEditRules" class, which could allow remote attackers execute arbitrary code via a specially crafted web page. Products affected include Mozilla Firefox versions prior to 15, Mozilla Firefox ESR versions prior to 10.0.7, Mozilla Thunderbird versions prior to 15, Mozilla Thunderbird ESR versions prior to 10.0.7, and Mozilla SeaMonkey versions prior to 2.12.
b959bb054b031b5fb76ff256d6ea33e667b137e39e0b15d5f9ad08cc17dd93af