CVE-2004-0904 Information
Description
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release Mozilla before 1.7.3 and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
Reference
http://bugzilla.mozilla.org/show_bug.cgi?id=255067 http://marc.info/?l=bugtraq&m=109698896104418&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml http://www.kb.cert.org/vuls/id/847200 http://www.mozilla.org/projects/security/known-vulnerabilities.htmlmozilla1.7.3 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.securityfocus.com/bid/11171 http://www.us-cert.gov/cas/techalerts/TA04-261A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17381 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10952
Share on: