CVE-2005-0399: Buffer Overflow
First published: Thu Mar 24 2005(Updated: )
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Thunderbird | =0.6 | |
| Mozilla Firefox | =0.8 | |
| Mozilla Thunderbird | =0.7.2 | |
| Mozilla Thunderbird | =0.3 | |
| Mozilla Mozilla | =1.7-alpha | |
| Mozilla Thunderbird | =0.2 | |
| Mozilla Mozilla | =1.7-rc1 | |
| Mozilla Mozilla | =1.5-rc2 | |
| Mozilla Mozilla | =1.7 | |
| Mozilla Firefox | =0.9.1 | |
| Mozilla Mozilla | =1.7.5 | |
| Mozilla Firefox | =0.10.1 | |
| Mozilla Thunderbird | =1.0 | |
| Mozilla Firefox | =0.9 | |
| Mozilla Thunderbird | =1.0.1 | |
| Mozilla Mozilla | =1.6-beta | |
| Mozilla Mozilla | =1.4.1 | |
| Mozilla Mozilla | =1.5-alpha | |
| Mozilla Mozilla | =1.5-rc1 | |
| Mozilla Mozilla | =1.3 | |
| Mozilla Firefox | =1.0 | |
| Mozilla Mozilla | =1.7-beta | |
| Mozilla Firefox | =1.0.1 | |
| Mozilla Mozilla | =1.4 | |
| Mozilla Mozilla | =1.5 | |
| Mozilla Thunderbird | =0.5 | |
| Mozilla Thunderbird | =0.9 | |
| Mozilla Mozilla | =1.7.1 | |
| Mozilla Thunderbird | =0.7.3 | |
| Mozilla Firefox | =0.9.3 | |
| Mozilla Mozilla | =1.4-alpha | |
| Mozilla Thunderbird | =0.4 | |
| Mozilla Thunderbird | =0.7 | |
| Mozilla Mozilla | =1.5.1 | |
| Mozilla Firefox | =0.9.2 | |
| Mozilla Mozilla | =1.7.2 | |
| Mozilla Thunderbird | =0.1 | |
| Mozilla Firefox | =0.9-rc | |
| Mozilla Mozilla | =1.7-rc3 | |
| Mozilla Thunderbird | =0.7.1 | |
| Mozilla Thunderbird | =0.8 | |
| Mozilla Mozilla | =1.7-rc2 | |
| Mozilla Firefox | =0.10 | |
| Mozilla Mozilla | =1.7.3 | |
| Mozilla Mozilla | =1.6-alpha | |
| Mozilla Mozilla | =1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://xforce.iss.net/xforce/alerts/id/191
- http://www.mozilla.org/security/announce/mfsa2005-30.html
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877
- http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
- http://www.redhat.com/support/errata/RHSA-2005-323.html
- http://www.redhat.com/support/errata/RHSA-2005-335.html
- http://www.redhat.com/support/errata/RHSA-2005-336.html
- http://www.redhat.com/support/errata/RHSA-2005-337.html
- http://www.kb.cert.org/vuls/id/557948
- http://www.ciac.org/ciac/bulletins/p-160.shtml
- http://secunia.com/advisories/14654
- http://www.securityfocus.com/bid/12881
- http://www.securityfocus.com/bid/15495
- http://secunia.com/advisories/19823
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.vupen.com/english/advisories/2005/0296
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19269
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- agent/remedy
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla thunderbird
- version/mozilla thunderbird/0.6
- canonical/mozilla firefox
- version/mozilla firefox/0.8
- version/mozilla thunderbird/0.7.2
- version/mozilla thunderbird/0.3
- canonical/mozilla mozilla
- version/mozilla mozilla/1.7-alpha
- version/mozilla thunderbird/0.2
- version/mozilla mozilla/1.7-rc1
- version/mozilla mozilla/1.5-rc2
- version/mozilla mozilla/1.7
- version/mozilla firefox/0.9.1
- version/mozilla mozilla/1.7.5
- version/mozilla firefox/0.10.1
- version/mozilla thunderbird/1.0
- version/mozilla firefox/0.9
- version/mozilla thunderbird/1.0.1
- version/mozilla mozilla/1.6-beta
- version/mozilla mozilla/1.4.1
- version/mozilla mozilla/1.5-alpha
- version/mozilla mozilla/1.5-rc1
- version/mozilla mozilla/1.3
- version/mozilla firefox/1.0
- version/mozilla mozilla/1.7-beta
- version/mozilla firefox/1.0.1
- version/mozilla mozilla/1.4
- version/mozilla mozilla/1.5
- version/mozilla thunderbird/0.5
- version/mozilla thunderbird/0.9
- version/mozilla mozilla/1.7.1
- version/mozilla thunderbird/0.7.3
- version/mozilla firefox/0.9.3
- version/mozilla mozilla/1.4-alpha
- version/mozilla thunderbird/0.4
- version/mozilla thunderbird/0.7
- version/mozilla mozilla/1.5.1
- version/mozilla firefox/0.9.2
- version/mozilla mozilla/1.7.2
- version/mozilla thunderbird/0.1
- version/mozilla firefox/0.9-rc
- version/mozilla mozilla/1.7-rc3
- version/mozilla thunderbird/0.7.1
- version/mozilla thunderbird/0.8
- version/mozilla mozilla/1.7-rc2
- version/mozilla firefox/0.10
- version/mozilla mozilla/1.7.3
- version/mozilla mozilla/1.6-alpha
- version/mozilla mozilla/1.6