It was found that removed child nodes of nsDOMAttribute could be accessed under certain circumstances, due to premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for the the remote execution of arbitrary code. Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=708198 External References: http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0080 https://rhn.redhat.com/errata/RHSA-2012-0080.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2012:0079 https://rhn.redhat.com/errata/RHSA-2012-0079.html