CVE-2015-2738

Priority
Description
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr
implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8
and 38.x before 38.1, and Thunderbird before 38.1 reads data from
uninitialized memory locations, which has unspecified impact and attack
vectors.
Assigned-to
chrisccoulson
Notes
Package
Upstream:released (39.0)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [39.0+build5-0ubuntu0.14.04.1])
Package
Priority: Low
Upstream:released (31.8)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1:31.8.0+build1-0ubuntu0.14.04.1])
More Information

Updated: 2019-12-05 18:40:55 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)