Mozilla Firefox CVE-2014-1524 Buffer Overflow Vulnerability

description-logoDescription

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a buffer overflow when a script uses a non-XBL object as an XBL object because the XBL status of the object is not properly validated. The resulting memory corruption is potentially exploitable.

affected-products-logoAffected Applications

Firefox
Firefox ESR

CVE References

CVE-2014-1524