The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2015-07-06T01:00:00
Updated: 2024-08-06T05:24:38.469Z
Reserved: 2015-03-25T00:00:00
Link: CVE-2015-2738
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-07-06T02:01:07.077
Modified: 2018-10-30T16:27:37.717
Link: CVE-2015-2738
Redhat