Crash with malformed GIF file on Mac OS X
Posted by CyberLord on July 21 2008 08:13:52
Mozilla Foundation Security Advisory 2008-36
Title: Crash with malformed GIF file on Mac OS X
Impact: Critical
Announced: July 16, 2008
Reporter: Drew Yao
Products: Firefox 3

Fixed in: Firefox 3.0.1


Description
Drew Yao of Apple Product Security reported a vulnerability in Mozilla graphics code which handles GIF rendering in Mac OS X. He demonstrated that a GIF file could be specially crafted to cause the browser to free an uninitialized pointer. An attacker could use this vulnerability to crash the browser and potentially execute arbitrary code on the victim's computer.

Firefox 2 is not affected by this issue.

References
https://bugzilla.mozilla.org/show_bug.cgi?id=441360
Extended News
Mozilla Foundation Security Advisory 2008-36
Title: Crash with malformed GIF file on Mac OS X
Impact: Critical
Announced: July 16, 2008
Reporter: Drew Yao
Products: Firefox 3

Fixed in: Firefox 3.0.1


Description
Drew Yao of Apple Product Security reported a vulnerability in Mozilla graphics code which handles GIF rendering in Mac OS X. He demonstrated that a GIF file could be specially crafted to cause the browser to free an uninitialized pointer. An attacker could use this vulnerability to crash the browser and potentially execute arbitrary code on the victim's computer.

Firefox 2 is not affected by this issue.

References
https://bugzilla.mozilla.org/show_bug.cgi?id=441360