4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.6%
Google security researcher Michal Zalewski discovered that when a malformated GIF image is rendered in certain circumstances, memory is not properly initialized before use. The resulting image then uses this memory during rendering. This could allow for the a script in web content to access this unitialized memory using the feature.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 32 | |
firefox esr | lt | 31.1 | |
seamonkey | lt | 2.29 | |
thunderbird | lt | 31.1 |