CVE-2014-8637
Publication date 14 January 2015
Last updated 24 July 2024
Ubuntu priority
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | ||
14.04 LTS trusty |
Fixed 35.0+build3-0ubuntu0.14.04.2
|
|
References
Related Ubuntu Security Notices (USN)
- USN-2458-1
- Firefox vulnerabilities
- 14 January 2015