Lucene search

K
mozillaMozilla FoundationMFSA2014-32
HistoryMar 18, 2014 - 12:00 a.m.

Out-of-bounds write through TypedArrayObject after neutering — Mozilla

2014-03-1800:00:00
Mozilla Foundation
www.mozilla.org
25

0.077 Low

EPSS

Percentile

94.2%

Security researcher George Hotz, via TippingPoint’s Pwn2Own contest, discovered an issue where values are copied from an array into a second, neutered array. This allows for an out-of-bounds write into memory, causing an exploitable crash leading to arbitrary code execution.