6.2 Medium
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.5%
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.