Heap-based buffer overflow in CopyRect function in Mozilla Firefox and Thunderbird

Heap-based buffer overflow in CopyRect function in Mozilla Firefox and Thunderbird

CVE-2015-0827 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.