Out of bounds read in QCMS

ID MFSA2012-50
Type mozilla
Reporter Mozilla Foundation
Modified 2012-07-17T00:00:00


Google developer Tony Payne reported an out of bounds (OOB) read in QCMS, Mozilla’s color management library. With a carefully crafted color profile portions of a user's memory could be incorporated into a transformed image and possibly deciphered.