Mozilla Foundation Security Advisory 2012-65

Out-of-bounds read in format-number in XSLT

Announced
August 28, 2012
Reporter
Nicolas Grégoire
Impact
Moderate
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
  • Firefox 15
  • Firefox ESR 10.0.7
  • SeaMonkey 2.12
  • Thunderbird 15
  • Thunderbird ESR 10.0.7

Description

Security research Nicolas Grégoire used the Address Sanitizer tool to discover an out-of-bounds read in the format-number feature of XSLT, which can cause inaccurate formatting of numbers and information leakage. This is not directly exploitable.

References