An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value, in Firefox before 61.0 and Thunderbird before 52.9. This could leak private data into the output.
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value, in Firefox before 61.0 and Thunderbird before 52.9. This could leak private data into the output.
https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12366 https://bugzilla.mozilla.org/show_bug.cgi?id=1464039