Security Advisory

CVE-2015-4512

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-09-24 01:00:00

Last updated 2024-08-06 06:18:11

Assigner mozilla

State PUBLISHED

Description

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.

← Browse all CVEs View on cve.org ↗