Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR 64-bit

Download Firefox ESR 32-bit

Download a different build

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Download Firefox ESR
Firefox Privacy Notice
Get Mozilla VPN

Mozilla Foundation Security Advisory 2011-09

Crash caused by corrupted JPEG image

Announced
March 1, 2011
Reporter
Jordi Chancel
Impact
Critical
Products
Firefox, Thunderbird
Fixed in
  • Firefox 3.6.14
  • Thunderbird 3.1.8

Description

Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim's computer.

Firefox 3.5 was not affected by this issue.

References