Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2008-29

Faulty .properties file results in uninitialized memory being used

Announced
July 1, 2008
Reporter
Daniel Glazman
Impact
Low
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 2.0.0.15
  • SeaMonkey 1.1.10
  • Thunderbird 2.0.0.16

Description

Mozilla developer Daniel Glazman demonstrated that an improperly encoded .properties file in an add-on can result in uninitialized memory being used. This could potentially result in small chunks of data formerly used by other programs being exposed to the add-on code. If the localized string were made available to web content by the add-on this might leak sensitive data.

References