Mozilla Foundation Security Advisory 2008-45

XBM image uninitialized memory reading

Announced

September 23, 2008

Reporter

Billy Hoffman

Impact

Low

Products

Firefox, SeaMonkey

Fixed in

Firefox 2.0.0.17
SeaMonkey 1.1.12

Description

Security researcher Billy Hoffman discovered a bug in the XBM decoder that allowed random small chunks of uninitialized memory to be read. The severity of this bug was low and did not appear to cause any memory corruption.

Firefox 3 is not affected by this issue

References

Uninitialized memory reading
CVE-2008-4069

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice

Mozilla Foundation Security Advisory 2008-45

XBM image uninitialized memory reading

Description

References