CVE-2014-8637

Currently unrated

Key Information:

Vendor: Mozilla
Status: Seamonkey
Vendor: CVE Published:; 14 January 2015

Summary

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.

References

http://secunia.com/advisories/62242

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id/1031533

vdb-entryx_refsource_SECTRACK

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Jan 14, 2015
Vulnerability Reserved
Nov 6, 2014