Security researcher 'Looben Yang' discovered a use-after-free vulnerability when using a shared worker with IndexedDB due to a race condition with the worker. This results in a potentially exploitable crash that can be triggered through web content. Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1200004 External References: https://www.mozilla.org/en-US/security/advisories/mfsa2015-104/
Acknowledgements: Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Looben Yang as the original reporter of this issue.
This issue was fixed in Firefox version 41.