Описание
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 14.0.1+build1-0ubuntu2 |
| hardy | ignored | end of life |
| lucid | released | 14.0.1+build1-0ubuntu0.10.04.1 |
| natty | released | 14.0.1+build1-0ubuntu0.11.04.1 |
| oneiric | released | 14.0.1+build1-0ubuntu0.11.10.1 |
| precise | released | 14.0.1+build1-0ubuntu0.12.04.1 |
| quantal | not-affected | 14.0.1+build1-0ubuntu2 |
| raring | not-affected | 14.0.1+build1-0ubuntu2 |
| saucy | not-affected | 14.0.1+build1-0ubuntu2 |
| upstream | released | 14 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 14.0+build1-0ubuntu2 |
| hardy | ignored | end of life |
| lucid | released | 14.0+build1-0ubuntu0.10.04.1 |
| natty | released | 14.0+build1-0ubuntu0.11.04.1 |
| oneiric | released | 14.0+build1-0ubuntu0.11.10.1 |
| precise | released | 14.0+build1-0ubuntu0.12.04.1 |
| quantal | not-affected | 14.0+build1-0ubuntu2 |
| raring | not-affected | 14.0+build1-0ubuntu2 |
| saucy | not-affected | 14.0+build1-0ubuntu2 |
| upstream | released | 14 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | ignored | end of life |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | DNE | |
| natty | ignored | end of life |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implemen ...
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers to obtain sensitive information from process memory via a crafted color profile that triggers an out-of-bounds read operation.
5 Medium
CVSS2