Mozilla Foundation Security Advisory 2015-14

Malicious WebGL content crash when writing strings

Announced
February 24, 2015
Reporter
Daniele Di Proietto
Impact
Moderate
Products
Firefox, Firefox OS, SeaMonkey
Fixed in
  • Firefox 36
  • Firefox OS 2.2
  • SeaMonkey 2.33

Description

Security researcher Daniele Di Proietto discovered that when WebGL content crafted in a specific manner wrote strings, it would cause a crash when this content was run.

References