Security researcher Frédéric Hoguin reported two related issues with the decoding of bitmap (.BMP) format images embedded in icon (.ICO) format files. When processing a negative "height" header value for the bitmap image, a memory corruption can be induced, allowing an attacker to write random memory and cause a crash. This crash may be potentially exploitable.

Reference:
http://www.mozilla.org/security/announce/2012/mfsa2012-61.html

Acknowledgements:
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Frédéric Hoguin as the original reporter of this flaw.

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2012:1211 https://rhn.redhat.com/errata/RHSA-2012-1211.html

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 5

Via RHSA-2012:1210 https://rhn.redhat.com/errata/RHSA-2012-1210.html
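
The report above names a negative "height" header value as the trigger. As an added example (not Mozilla's or Red Hat's code, and not the actual fix), here is a decoder-side check that normalizes the signed height of a 40-byte BITMAPINFOHEADER before any buffer size is derived from it. `bmp_geom`, `bmp_check_header`, the `MAX_DIM` cap and the rejection of odd heights inside an ICO are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Validated geometry of a BITMAPINFOHEADER image (hypothetical type). */
typedef struct { uint32_t width, rows; int top_down; size_t stride, bytes; } bmp_geom;

#define MAX_DIM 16384u  /* assumed policy cap, not taken from the advisory */

static int32_t rd_i32le(const uint8_t *p) {
    return (int32_t)(((uint32_t)p[0]) | ((uint32_t)p[1] << 8) |
                     ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24));
}

/* Returns 0 and fills *g on success, -1 if the header must be rejected. */
int bmp_check_header(const uint8_t *hdr, size_t len, int in_ico, bmp_geom *g) {
    if (len < 40 || (uint32_t)rd_i32le(hdr) < 40) return -1;   /* biSize */
    int32_t w = rd_i32le(hdr + 4), h = rd_i32le(hdr + 8);      /* biWidth, biHeight */
    uint16_t bpp = (uint16_t)(hdr[14] | (hdr[15] << 8));       /* biBitCount */
    if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32)
        return -1;
    if (w <= 0 || h == 0 || h == INT32_MIN) return -1;  /* -INT32_MIN overflows */
    /* Negative height means top-down rows; keep only the magnitude, unsigned. */
    uint32_t rows = h < 0 ? (uint32_t)(-(int64_t)h) : (uint32_t)h;
    if (in_ico) {            /* ICO stores colour image + AND mask: height is doubled */
        if (rows & 1) return -1;
        rows /= 2;
    }
    if ((uint32_t)w > MAX_DIM || rows > MAX_DIM) return -1;
    g->width = (uint32_t)w;
    g->rows = rows;
    g->top_down = h < 0;
    g->stride = (((size_t)g->width * bpp + 31) / 32) * 4;  /* rows padded to 4 bytes */
    g->bytes = g->stride * rows;   /* at most 65536 * 16384 = 1 GiB under MAX_DIM */
    return 0;
}

int main(void) {
    /* Constructed header: 32 px wide, biHeight = -64, 1 plane, 32 bpp. */
    uint8_t hdr[40] = {40,0,0,0, 32,0,0,0, 0xC0,0xFF,0xFF,0xFF, 1,0, 32,0};
    bmp_geom g = {0};
    int rc = bmp_check_header(hdr, sizeof hdr, 1, &g);
    printf("rc=%d rows=%u top_down=%d bytes=%zu\n", rc, (unsigned)g.rows, g.top_down, g.bytes);
    return rc;
}
```

Row counts, loop bounds and allocation sizes downstream should use `rows` and `bytes` from the validated structure, never the raw signed field.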