Red Hat Bugzilla – Bug 1265596
CVE-2015-4504 Mozilla: Out of bounds read in QCMS library with ICC V4 profile attributes (MFSA 2015-98)
Last modified: 2015-09-24 12:41:54 EDT
Security researcher Felix Gröbert of Google discovered an out of bounds read
in the QCMS color management library while manipulating an image with specific
attributes in its ICC V4 profile. This causes a crash and could lead to
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Felix Gröbert of Google as the original reporter.
This issue was fixed in Firefox version 41.