Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-2712

Source

Mozilla Foundation Security Advisory 2015-50

Out-of-bounds read and write in asm.js validation

Announced

May 12, 2015

Reporter

Dougall Johnson

Impact

Critical

Products

Firefox, SeaMonkey

Fixed in

Firefox 38
SeaMonkey 2.35

Description

Security researcher Dougall Johnson reported an out-of-bounds read and write in asm.js during JavaScript validation due to an error in how heap lengths are defined. This results in a potentially exploitable crash and could allow for the reading of random memory which may contain sensitive data.

References

Incorrect asm.js bounds check elimination vulnerability (CVE-2015-2712)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Out-of-bounds read and write in asm.js validation

Out-of-bounds read and write in asm.js validation

Description

References

Vulmon Search

About

Products

Connect