PT-2002-1071 · Gnome+2 · Nautilus-Devel+4
Published
2002-08-28
·
Updated
2016-10-18
·
CVE-2002-1091
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Netscape versions 6.2.3 and earlier
Mozilla version 1.0.1
nautilus-devel versions 1.0.4 and earlier
nautilus versions 1.0.4 and earlier
nautilus-mozilla versions 1.0.4 and earlier
Description
The issue allows remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. Exploitation of the vulnerabilities can lead to disruption of confidentiality, integrity, and availability of protected information. The exploitation can be carried out remotely.
Recommendations
For Netscape versions 6.2.3 and earlier, update to a version later than 6.2.3 to resolve the issue.
For Mozilla version 1.0.1, update to a version later than 1.0.1 to resolve the issue.
For nautilus-devel versions 1.0.4 and earlier, update to a version later than 1.0.4 to resolve the issue.
For nautilus versions 1.0.4 and earlier, update to a version later than 1.0.4 to resolve the issue.
For nautilus-mozilla versions 1.0.4 and earlier, update to a version later than 1.0.4 to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mozilla Firefox
Netscape
Nautilus
Nautilus-Devel
Nautilus-Mozilla