CVE-2010-0164

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.6.2

Description The issue is related to a use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function. This vulnerability can be triggered by a multipart/x-mixed-replace animation where frames have different bits-per-pixel (bpp) values, potentially leading to a denial of service (heap memory corruption and application crash) or possibly allowing remote attackers to execute arbitrary code.

Recommendations For versions prior to 3.6.2, update to version 3.6.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of multipart/x-mixed-replace animations with varying bits-per-pixel values until the update is applied.