Endpoint Vulnerability

Memory corruption when modifying a file being read by FileReader

Description

Security researcher Oriol reported memory corruption when local files are modified (by either the user or another program) at the same time being read using the FileReader API. This flaw requires that input be taken from a local file in order to be triggered and cannot be triggered by web content. This results in a potentially exploitable crash when triggered.

Affected Products

Firefox

References

CVE-2016-1963,