Endpoint Vulnerability

Use-after-free while when manipulating certificates in the trusted cache

Description

Security researchers Tyson Smith and Jesse Schwartzentruber used the Address Sanitizer tool while fuzzing to discover a use-after-free error resulting in a crash. This is a result of a pair of NSSCertificate structures being added to a trust domain and then one of them is removed while they are still in use by the trusted cache. This crash is potentially exploitable.

Affected Products

Thunderbird

References

CVE-2014-1544,