Mozilla Firefox prior to 32.0, Firefox ESR 31.x prior to 31.1, and Thunderbird 31.x prior to 31.1 do not properly initialize memory for GIF rendering, which allows remote malicious users to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 12.3 |
||
opensuse opensuse 13.1 |
||
opensuse evergreen 11.4 |
||
mozilla thunderbird 31.0 |
||
mozilla firefox |
||
mozilla firefox 31.0 |
||
mozilla firefox esr 31.0 |
||
mozilla firefox 30.0 |