Endpoint Vulnerability

Type confusion in Indexed Database Manager

Description

Security researcher Paul Bandha reported a type confusion error where part of IDBDatabase is read by the Indexed Database Manager and incorrectly used as a pointer when it shouldn't be used as such. This leads to memory corruption and the possibility of an exploitable crash.

Affected Products

Firefox,Firefox ESR

References

CVE-2015-2728,