Back to search
CVE-2012-0447
Published: Feb 1, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.mozilla.org/show_bug.cgi?id=710079
x_refsource_CONFIRM
mozilla-mimagebuffersize-info-disclosure(72856)
vdb-entry
x_refsource_XF
oval:org.mitre.oval:def:14912
vdb-entry
signature
x_refsource_OVAL
49055
third-party-advisory
x_refsource_SECUNIA
http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
x_refsource_CONFIRM
MDVSA-2012:013
vendor-advisory
x_refsource_MANDRIVA
openSUSE-SU-2012:0234
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now