You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-92

Mozilla Foundation Security Advisory 2012-92

Title: Buffer overflow while rendering GIF images
Impact: Critical
Announced: November 20, 2012
Reporter: Atte Kettunen
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 17.0
  Firefox ESR 10.0.11
  Thunderbird 17.0
  Thunderbird ESR 10.0.11
  SeaMonkey 2.14

Description

Security researcher Atte Kettunen from OUSPG used the Address Sanitizer tool to discover a buffer overflow while rendering GIF format images. This issue is potentially exploitable and could lead to arbitrary code execution.

References