Vulnerability identifier: #VU50887
Vulnerability risk: Low
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked, the browser called the sizeof function instead of using the API method that checks for invalid pointers.
Install updates from vendor's website.
Vulnerable software versions
Mozilla Firefox: 80.0 - 85.0.2
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?