Endpoint Vulnerability

Use-after-free during XML transformations

Description

Security researcher Nicolas Gr goire used the Address Sanitizer to find a use-after-free during XML transformation operations. This results in a potentially exploitable crash triggerable by web content.

Affected Products

Thunderbird

References

CVE-2016-1964,