Mozilla Foundation Security Advisory 2015-85
Out-of-bounds write with Updater and malicious MAR file
- Announced
- August 11, 2015
- Reporter
- Holger Fuhrmannek
- Impact
- High
- Products
- Firefox, Firefox ESR, Firefox OS, SeaMonkey, Thunderbird
- Fixed in
-
- Firefox 40
- Firefox ESR 38.2
- Firefox OS 2.5
- SeaMonkey 2.35
- Thunderbird 38.2
Description
Security researcher Holger Fuhrmannek reported that if the
Updater opens a MAR
format file with a specially crafted name, an out-of-bounds write will occur.
This can lead to a potentially exploitable crash but requires that the malicious
MAR format file be present on the local system and the Updater to be
run to use it.
References