|TREND MICRO CUSTOMER PROTECTION
|Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['11198']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within Firefox's handling of observer OBJECTs. If an observer OBJECT is removed from the mObserverList during an iteration of LOOP_OVER_OBSERVERS macro, one can heap spray over |mObserverList.mNext| and
Mozilla has issued an update to correct this vulnerability. More details can be found at: