Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-212: Mozilla Vulnerability in BMP Decoder

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-212: Mozilla Vulnerability in BMP Decoder
# 1  
Old 02-27-2008
S-212: Mozilla Vulnerability in BMP Decoder
There is a vulnerability in Mozilla products where the BMP images could be used to reveal small chunks of uninitialized memory that might contain sensitive data from other pages or other programs, and that this data could be extracted from the image using methods associated with the feature. The risk is LOW. Could reveal small chunks of uninitialized memory that might contain sensitive data from other pages or other programs.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. Programming

ASN.1 decoder

Hi All, I am fairly new to this so please forgive me, Currently I have an ASN.1 which I would like the ability to load this to my work server in order to enter a string of output decode and display the output. There are methods online as shown on ASN.1 JavaScript decoder however I have... (3 Replies)
Discussion started by: mutley2202
3 Replies

2. Programming

ASN.1 Decoder UNIX Code

Kindly help i need to write a code for Decode/Compile the ASN.1 which is found in javascript or C language if any got a final working Code:D (16 Replies)
Discussion started by: teefa
16 Replies

3. UNIX for Dummies Questions & Answers

bmp to gif using convert

Hi Everyone, I am trying to use "convert" to create a movie from .bmp files. I have about 100 .bmp files which I would like to include. I use the following command: convert *.bmp test.gif The problem is that on the cluster I am using there doesn't seem to be enough memory to do this.... (1 Reply)
Discussion started by: jenjen_mt
1 Replies

4. UNIX for Dummies Questions & Answers

core file decoder needed

All, Remotely logged in to the UNIX server (HP B1000 Visual Server) (Version HP-UX 10.20) by using the program Xapplauncher. This is a application runs under Exceed. (Exceed "version 6.1" is a Windows application to communicate with UNIX servers) With no pre warnings the application was... (2 Replies)
Discussion started by: pbekker
2 Replies

5. UNIX Desktop Questions & Answers

Converting BMP to BM (or other unix format)

Hey pllz, ive got a little problem, i want to convert a bmp of gif or jpg to an unix format (bm) anybody got any suggestions ? greets\EJ (1 Reply)
Discussion started by: EJ =)
1 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

derdump

DERDUMP(1)							NSS Security Tools							DERDUMP(1)

NAME

       derdump_ - Dumps C-sequence strings from a DER encoded certificate file

SYNOPSIS

       derdump [-r] [-i input-file] [-o output-file]

STATUS

       This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477[1]

DESCRIPTION

       derdump dumps C-sequence strings from a DER encode certificate file

OPTIONS

       -r
	   For formatted items, dump raw bytes as well

       -i  DER encoded file
	   Define an input file to use (default is stdin)

       -o  output file
	   Define an output file to use (default is stdout).

ADDITIONAL RESOURCES

       NSS is maintained in conjunction with PKI and security-related projects through Mozilla dn Fedora. The most closely-related project is
       Dogtag PKI, with a project wiki at PKI Wiki[2].

       For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site[3]. The NSS site relates directly to NSS code
       changes and releases.

       Mailing lists: pki-devel@redhat.com and pki-users@redhat.com

       IRC: Freenode at #dogtag-pki

AUTHORS

       The NSS tools were written and maintained by developers with Netscape and now with Red Hat.

       Authors: Gerhardus Geldenhuis <gerhardus.geldenhuis@gmail.com>. Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>

LICENSE

       Licensed under the Mozilla Public License, version 1.1, and/or the GNU General Public License, version 2 or later, and/or the GNU Lesser
       General Public License, version 2.1 or later.

NOTES

	1. Mozilla NSS bug 836477
	   https://bugzilla.mozilla.org/show_bug.cgi?id=836477

	2. PKI Wiki
	   http://pki.fedoraproject.org/wiki/

	3. Mozilla NSS site
	   http://www.mozilla.org/projects/security/pki/nss/

nss-tools							 15 February 2013							DERDUMP(1)