You are here: Known Vulnerabilities in Mozilla Products (Firefox 184.108.40.206) > MFSA 2008-29
Mozilla Foundation Security Advisory 2008-29
Title: Faulty .properties file results in uninitialized memory being used
Announced: July 1, 2008
Reporter: Daniel Glazman
Products: Firefox, Thunderbird, SeaMonkey
Fixed in: Firefox 220.127.116.11
Mozilla developer Daniel Glazman demonstrated that an improperly encoded .properties file in an add-on can result in uninitialized memory being used. This could potentially result in small chunks of data formerly used by other programs being exposed to the add-on code. If the localized string were made available to web content by the add-on this might leak sensitive data.