CVE Vulnerabilities

CVE-2004-0904

Published: Dec 31, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 0.8 0.8
Firefox Mozilla 0.9 0.9
Firefox Mozilla 0.9 0.9
Firefox Mozilla 0.9.1 0.9.1
Firefox Mozilla 0.9.2 0.9.2
Firefox Mozilla 0.9.3 0.9.3
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.7 1.7
Mozilla Mozilla 1.7.1 1.7.1
Mozilla Mozilla 1.7.2 1.7.2
Thunderbird Mozilla 0.6 0.6
Thunderbird Mozilla 0.7 0.7
Thunderbird Mozilla 0.7.1 0.7.1
Thunderbird Mozilla 0.7.2 0.7.2
Thunderbird Mozilla 0.7.3 0.7.3
Navigator Netscape 7.0 7.0
Navigator Netscape 7.0.2 7.0.2
Navigator Netscape 7.1 7.1
Navigator Netscape 7.2 7.2
Linux Conectiva 9.0 9.0
Linux Conectiva 10.0 10.0
Red Hat Enterprise Linux 2.1 RedHat galeon *
Red Hat Enterprise Linux 2.1 RedHat mozilla *
Red Hat Enterprise Linux 3 RedHat mozilla *

References