Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2014-8637

Source

Mozilla Foundation Security Advisory 2015-02

Uninitialized memory use during bitmap rendering

Announced

January 13, 2015

Reporter

Michal Zalewski

Impact

High

Products

Firefox, SeaMonkey

Fixed in

Firefox 35
SeaMonkey 2.32

Description

Google security researcher Michal Zalewski reported that when a malformed bitmap image is rendered by the bitmap decoder within a <canvas> element, memory may not always be properly initialized. The resulting image then uses this uninitialized memory during rendering, allowing data to potentially leak to web content.

References

Apparent use of uninitialized memory when rendering BMPs on <canvas> (CVE-2014-8637)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Uninitialized memory use during bitmap rendering

Uninitialized memory use during bitmap rendering

Description

References

Vulmon Search

About

Products

Connect