New Search

The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0 Thunderbird 5.0 through 13.0 and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.

oval:org.mitre.oval:def:16735

The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0 Thunderbird 5.0 through 13.0 and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
  • Microsoft Windows 7
  • Microsoft Windows XP
  • Microsoft Windows 8
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2012-1960
Product(s):
  • Mozilla Thunderbird
  • Mozilla SeaMonkey
  • Mozilla Firefox