$ gdb
(gdb) core-file firefox-bin.core
Core was generated by `firefox-bin'.
Program terminated with signal 11, Segmentation fault.
#0 0xbb0d523f in ?? ()

This smells like a security issue. Stating the obvious here, but it looks like it could be exploited if an attacker is able to point the IP onto an executable heap where shellcode would reside. Exploit developers have been using JavaScript to deploy malicious payloads onto the heap for this purpose for quite some time.

Is there a way to get a backtrace with symbols to see what was happening at the time of the segfault? That would help determine whether this could potentially be a drive-by-and-you're-owned vulnerability.

If this is a valid security issue, is there any interest in updating the buggy component or removing it altogether?

Thanks,
Brian