Mozilla Firefox ESR CVE-2014-1590 Input Validation Bypass Vulnerability

description-logoDescription

Security researcher Joe Vennix from Rapid7 reported that passing a JavaScript object to XMLHttpRequest that mimics an input stream will a crash. This crash is not exploitable and can only be used for denial of service attacks.

affected-products-logoAffected Applications

Firefox ESR

CVE References

CVE-2014-1590