Mozilla Foundation Security Advisory 2015-109

JavaScript immutable property enforcement can be bypassed

Announced
September 22, 2015
Reporter
Jeff Walden
Impact
High
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 41
  • SeaMonkey 2.38

Description

Mozilla developer Jeff Walden reported that in Gecko's implementation of ECMAScript 5 API's enforces non-configurable properties with logic specific to each API. Scripts that do not go through these APIs can bypass these protections and make changes to the immutable properties in violation of security protections. This could potentially allow for web content to run in a privileged context leading to arbitrary code execution.

References