Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Thunderbird | Mozilla | * | 31.4 (including) |
Thunderbird | Mozilla | 31.0 (including) | 31.0 (including) |
Thunderbird | Mozilla | 31.1.2 (including) | 31.1.2 (including) |
Thunderbird | Mozilla | 31.2 (including) | 31.2 (including) |
Thunderbird | Mozilla | 31.3 (including) | 31.3 (including) |