Memory Initialization Issue in Mozilla Firefox and Thunderbird
CVE-2014-1564

Currently unrated

Key Information:

Vendor

Opensuse

Vendor
CVE Published:
3 September 2014

What is CVE-2014-1564?

A vulnerability in Mozilla Firefox and Thunderbird, prior to specified versions, arises from improper memory initialization during GIF rendering. This flaw can be exploited by remote attackers who deploy specially crafted web scripts targeting a CANVAS element linked to a malformed GIF image. By leveraging this defect, attackers can potentially retrieve sensitive information from the application's process memory, posing significant risks to user data privacy.

References

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.