Mozilla Firefox prior to 35.0 and SeaMonkey prior to 2.32 do not properly initialize memory for BMP images, which allows remote malicious users to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla seamonkey |
||
mozilla firefox |