Security researcher Jordi Chancel reported that a JPEG image could be constructed that would be decoded incorrectly, causing data to be written past the end of a buffer created to store the image. An attacker could potentially craft such an image that would cause malicious code to be stored in memory and then later executed on a victim’s computer.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 3.6.14 | |
thunderbird | lt | 3.1.8 |