Memory leak in mozTCPSocket to servers
- September 22, 2015
- David Chan
- Firefox, SeaMonkey
- Fixed in
- Firefox 41
- SeaMonkey 2.38
Security researcher David Chan reported that Mozilla's
mozTCPSocket implementation could leak data past the end of an array,
allowing for the potential exposure of memory or private data to malicious servers.
This feature is used by Firefox OS and is disabled by default in Firefox on other operating systems.