Mozilla Firefox and Thunderbird JPEG Image Decoding Buffer Overflow Vulnerability

Mozilla Firefox and Thunderbird are prone to a buffer-overflow vulnerability because of a failure to properly bounds check user-supplied data.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions prior to:

Firefox 3.6.14
Thunderbird 3.1.8

NOTE: This issue was previously discussed in BID 46368 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-01 through -10 Multiple Vulnerabilities) but has been given its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus