Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firefox | Mozilla | * | * |
| Firefox | Ubuntu | dapper | * |
| Firefox | Ubuntu | feisty | * |
| Firefox | Ubuntu | gutsy | * |
| Firefox | Ubuntu | hardy | * |
| Iceape | Ubuntu | gutsy | * |
| Mozilla-thunderbird | Ubuntu | dapper | * |
| Mozilla-thunderbird | Ubuntu | feisty | * |
| Seamonkey | Ubuntu | devel | * |
| Seamonkey | Ubuntu | hardy | * |
| Seamonkey | Ubuntu | intrepid | * |
| Thunderbird | Ubuntu | devel | * |
| Thunderbird | Ubuntu | gutsy | * |
| Thunderbird | Ubuntu | hardy | * |
| Thunderbird | Ubuntu | intrepid | * |
| Xulrunner | Ubuntu | devel | * |
| Xulrunner | Ubuntu | feisty | * |
| Xulrunner | Ubuntu | gutsy | * |
| Xulrunner | Ubuntu | hardy | * |
| Xulrunner | Ubuntu | intrepid | * |
References
- http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html
- http://osvdb.org/44727
- http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
- http://sam.zoy.org/zzuf/
- http://www.securityfocus.com/bid/27243
- http://hboeck.de/archives/578-How-long-does-it-take-to-fix-a-crash-bug.html
- http://osvdb.org/44727
- http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
- http://sam.zoy.org/zzuf/
- http://www.securityfocus.com/bid/27243