Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2012-11

libpng integer overflow

Announced
February 16, 2012
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 10.0.2
  • Firefox 3.6.27
  • Firefox ESR 10.0.2
  • SeaMonkey 2.7.2
  • Thunderbird 10.0.2
  • Thunderbird 3.1.19
  • Thunderbird ESR 10.0.2

Description

An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable.

References