[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-0399Date: (C)2005-05-02   (M)2024-03-27


Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-12881
SECUNIA-14654
BID-15495
SECUNIA-19823
http://xforce.iss.net/xforce/alerts/id/191
ADV-2005-0296
GLSA-200503-30
P-160
RHSA-2005:323
RHSA-2005:335
RHSA-2005:336
RHSA-2005:337
SCOSA-2005.49
SUSE-SA:2006:004
VU#557948
gif-extension-overflow(19269)
http://www.mozilla.org/security/announce/mfsa2005-30.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877
oval:org.mitre.oval:def:100028
oval:org.mitre.oval:def:11377

CPE    46
cpe:/a:mozilla:mozilla:1.4
cpe:/a:mozilla:mozilla:1.3
cpe:/a:mozilla:mozilla:1.6
cpe:/a:mozilla:mozilla:1.5
...
OVAL    1
oval:org.mitre.oval:def:100028

© SecPod Technologies