Mozilla Foundation Security Advisory 2015-22
Crash using DrawTarget in Cairo graphics library
- Announced
- February 24, 2015
- Reporter
- Atte Kettunen
- Impact
- Moderate
- Products
- Firefox, SeaMonkey
- Fixed in
- 
        - Firefox 36
- SeaMonkey 2.33
 
Description
Security researcher Atte Kettunen used the Address Sanitizer
tool to discover a crash while drawing images through the Cairo graphics library
while using the DrawTarget function. This can result in a
segmentation fault due to zero-ing out of memory outside the bounds of the
image.