Mozilla Foundation Security Advisory 2009-56
Heap buffer overflow in GIF color map parser
- October 27, 2009
- regenrecht, iDefense
- Firefox, SeaMonkey
- Fixed in
- Firefox 3.0.15
- Firefox 3.5.4
- SeaMonkey 2
This flaw does not affect products built on the Gecko 1.8 browser engine such as Thunderbird 2.
Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow in Mozilla's GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer.