Access of Uninitialized Pointer

CVE-2014-1564

Medium

4.3/10

Summary

Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

CWE-824 - Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

References

Advisory Timeline

Published Sep 03, 2014

Access of Uninitialized Pointer

CVE-2014-1564

Summary

CWE-824 - Access of Uninitialized Pointer

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS