936 B
936 B
CVE-2015-0831
Description
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
POC
Reference
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1130541
Github
No PoCs found on GitHub currently.