Mozilla Foundation Security Advisory 2015-88
Heap overflow in gdk-pixbuf when scaling bitmap images
- Announced
- August 11, 2015
- Reporter
- Gustavo Grieco
- Impact
- High
- Products
- Firefox, Firefox ESR, SeaMonkey, Thunderbird
- Fixed in
-
- Firefox 40
- Firefox ESR 38.2
- SeaMonkey 2.35
- Thunderbird 38.2
Description
Security researcher Gustavo Grieco reported a heap overflow
in gdk-pixbuf
affecting Linux systems using Gnome. This issue is
triggered by the scaling of a malformed bitmap format image and results in a
potentially exploitable crash.
This issue only affects Linux systems running Gnome. Windows and OS X operating systems are unaffected.