Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420.
https://bugzilla.mozilla.org/show_bug.cgi?id=408076
http://www.securitytracker.com/id?1019487
http://www.securityfocus.com/bid/27947
http://www.securityfocus.com/archive/1/488264/100/0/threaded