Mozilla Foundation Security Advisory 2015-36

Incorrect memory management for simple-type arrays in WebRTC

Announced
March 31, 2015
Reporter
Mitchell Harper
Impact
Low
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 37
  • SeaMonkey 2.35

Description

Security researcher Mitchell Harper used Valgrind to discover incorrect memory management for simple-type arrays in WebRTC. This was undefined behavior which is theoretically dangerous but was determined to be safe in this instance.

References