Description

Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://secunia.com/advisories/14654

http://secunia.com/advisories/19823

http://www.ciac.org/ciac/bulletins/p-160.shtml

http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml

http://www.kb.cert.org/vuls/id/557948

http://www.mozilla.org/security/announce/mfsa2005-30.html

http://www.novell.com/linux/security/advisories/2006_04_25.html

http://www.redhat.com/support/errata/RHSA-2005-323.html

http://www.redhat.com/support/errata/RHSA-2005-335.html

http://www.redhat.com/support/errata/RHSA-2005-336.html

http://www.redhat.com/support/errata/RHSA-2005-337.html

http://www.securityfocus.com/bid/12881

http://www.securityfocus.com/bid/15495

http://www.vupen.com/english/advisories/2005/0296

http://xforce.iss.net/xforce/alerts/id/191

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877

https://exchange.xforce.ibmcloud.com/vulnerabilities/19269

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377

Details

Risk Information

CVSS v2