Mozilla Foundation Security Advisory 2015-45
Memory corruption during failed plugin initialization
- Announced
- April 20, 2015
- Reporter
- Robert Kaiser
- Impact
- High
- Products
- Firefox, SeaMonkey
- Fixed in
-
- Firefox 37.0.2
- SeaMonkey 2.35
Description
Mozilla developer Robert Kaiser (Kairo) reported that a race condition when initialization of a plugin fails led to a potentially exploitable use-after-free vulnerability.