Mozilla Foundation Security Advisory 2015-23
Use-after-free in Developer Console date with OpenType Sanitiser
- February 24, 2015
- Atte Kettunen
- Fixed in
- Firefox 36
Using the Address Sanitizer tool, security researcher Atte Kettunen found a problem with OpenType Sanitiser (OTS) that resulted in a use-after-free while expanding macros in some circumstances. This use-after-free was only used for information displayed in the developer console and was not exploitable.