PT-2015-2878 · Mozilla+1 · Firefox+1
Gustavo Grieco · Published 2015-12-15 · Updated 2024-06-15 · CVE-2015-7217
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions prior to 43.0
Description
The gdk-pixbuf configuration in Mozilla Firefox incorrectly enables the TGA decoder on Linux GNOME platforms. A remote attacker can use a crafted Truevision TGA image to trigger a heap-based buffer overflow, resulting in a denial of service.
Recommendations
Update Firefox versions prior to 43.0 to version 43.0 or later to resolve the issue. As a temporary workaround, consider disabling the TGA decoder until a patched version is installed. Restrict exposure to untrusted Truevision TGA images to minimize the risk of exploitation.
Exploit
Fix
DoS
Buffer Overflow
Affected Products
Firefox
Ubuntu