Mozilla Firefox IndexedDB Use-After-Free Vulnerability

Mozilla Firefox IndexedDB Use-After-Free Vulnerability

CVE-2015-0831 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.