Threat Encyclopedia

Out-of-bounds read and write in asm.js validation

description-logoDescription

Security researcher Dougall Johnson reported an out-of-bounds read and write in asm.js during JavaScript validation due to an error in how heap lengths are defined. This results in a potentially exploitable crash and could allow for the reading of random memory which may contain sensitive data.

affected-products-logoAffected Products

Firefox

Telemetry

CVE References

CVE-2015-2712