Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2012-06

Uninitialized memory appended when encoding icon images may cause information disclosure

Announced
January 31, 2012
Reporter
Tim Abraldes
Impact
High
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 10
  • SeaMonkey 2.7
  • Thunderbird 10

Description

Mozilla developer Tim Abraldes reported that when encoding images as image/vnd.microsoft.icon the resulting data was always a fixed size, with uninitialized memory appended as padding beyond the size of the actual image. This is the result of mImageBufferSize in the encoder being initialized with a value different than the size of the source image. There is the possibility of sensitive data from uninitialized memory being appended to a PNG image when converted fron an ICO format image. This sensitive data may then be disclosed in the resulting image.

Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability.

References