Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2016-1962

Source

Mozilla Foundation Security Advisory 2016-25

Use-after-free when using multiple WebRTC data channels

Announced

March 8, 2016

Reporter

Dominique Hazaël-Massieux

Impact

Critical

Products

Firefox, Firefox ESR

Fixed in

Firefox 45
Firefox ESR 38.7

Description

Security researcher Dominique Hazaël-Massieux reported a use-after-free issue when using multiple WebRTC data channel connections. This causes a potentially exploitable crash when a data channel connection is freed from within a call through it.

References

Second datachannel with id crashes in PR_Unlock | mozilla::DataChannelConnection::Close after navigation (CVE-2016-1962)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Use-after-free when using multiple WebRTC data channels

Use-after-free when using multiple WebRTC data channels

Description

References

Vulmon Search

About

Products

Connect