Mozilla Foundation Security Advisory 2015-61
Type confusion in Indexed Database Manager
- Announced
- July 2, 2015
- Reporter
- Paul Bandha
- Impact
- High
- Products
- Firefox, Firefox ESR, Firefox OS, SeaMonkey
- Fixed in
-
- Firefox 39
- Firefox ESR 31.8
- Firefox ESR 38.1
- Firefox OS 2.2
- SeaMonkey 2.35
Description
Security researcher Paul Bandha reported a type confusion
error where part of IDBDatabase
is read by the Indexed Database
Manager and incorrectly used as a pointer when it shouldn't be used as such.
This leads to memory corruption and the possibility of an exploitable crash.