Security researcher Arthur Gerkis used the Address Sanitizer tool to find a use-after-free while replacing/inserting a node in a document. This use-after-free could possibly allow for remote code execution. Reference: http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
Acknowledgements: Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges security researcher Arthur Gerkis as the original reporter.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2012:0710 https://rhn.redhat.com/errata/RHSA-2012-0710.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2012:0715 https://rhn.redhat.com/errata/RHSA-2012-0715.html