Red Hat Bugzilla – Bug 840213
CVE-2012-1960 Mozilla: Out of bounds read in QCMS (MFSA 2012-50)
Last modified: 2016-03-04 06:55:55 EST
Google developer Tony Payne reported an out-of-bounds (OOB) read in QCMS, Mozilla's color management library. With a carefully crafted color profile, portions of a user's memory could be incorporated into a transformed image and possibly deciphered.
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Google developer Tony Payne as the original reporter of this issue.
Not Vulnerable. This issue does not affect the versions of the Firefox and Thunderbird packages as shipped with Red Hat Enterprise Linux 5 and 6.