Endpoint Vulnerability

Out of bounds read in QCMS library with ICC V4 profile attributes

Description

Security researcher Felix Gr bert of Google discovered an out of bounds read in the QCMS color management library while manipulating an image with specific attributes in its ICC V4 profile. This causes a crash and could lead to information disclosure.

Affected Products

Firefox

References

CVE-2015-4504,