CVE-2013-0792

Published: 03 April 2013

Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.

Priority

Low

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (20.0)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (20.0+build1-0ubuntu1)
seamonkey
Launchpad, Ubuntu, Debian
Upstream Pending
(2.17)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist