Mozilla Foundation Security Advisory 2014-78

Further uninitialized memory use during GIF rendering

Announced
October 14, 2014
Reporter
Michal Zalewski
Impact
High
Products
Firefox, Firefox OS, SeaMonkey
Fixed in
  • Firefox 33
  • Firefox OS 2.2
  • SeaMonkey 2.30

Description

Google security researcher Michal Zalewski reported that when a malformed GIF image is repeatedly rendered within a <canvas> element, memory may not always be properly initialized. The resulting series of images then uses this uninitialized memory during rendering, allowing data to potentially leak to web content.

References