Mozilla Thunderbird CVE-2014-1513 Out of Bounds Write Vulnerability

description-logoDescription

Security researcher Jri Aedla, via TippingPoint's Pwn2Own contest, reported that TypedArrayObject does not handle the case where ArrayBuffer objects are neutered, setting their length to zero while still in use. This leads to out-of-bounds reads and writes into the JavaScript heap, allowing for arbitrary code execution.

affected-products-logoAffected Applications

Thunderbird

CVE References

CVE-2014-1513