The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
http://www.mozilla.org/security/announce/2016/mfsa2016-26.html
http://www.securitytracker.com/id/1035215
http://www.ubuntu.com/usn/USN-2917-1
http://www.ubuntu.com/usn/USN-2917-2
http://www.ubuntu.com/usn/USN-2917-3
Source: MITRE
Published: 2016-03-13
Updated: 2016-12-03
Type: CWE-119
Base Score: 4.4
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.4
Severity: MEDIUM
Base Score: 7.4
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.4
Severity: HIGH