PT-2005-1462 · Mozilla+1 · Mozilla Firefox+3

Josh Bressers

Published

2005-03-23

Updated

2018-05-03

CVE-2005-0399

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 1.0.2 Mozilla versions prior to 1.7.6 Thunderbird versions prior to 1.0.2

Description A heap-based buffer overflow issue exists, allowing remote attackers to execute arbitrary code via a crafted GIF image. The issue is related to the Netscape extension 2 block and buffer size in the GIF2.cpp library.

Recommendations For Firefox versions prior to 1.0.2, update to version 1.0.2 or later. For Mozilla versions prior to 1.7.6, update to version 1.7.6 or later. For Thunderbird versions prior to 1.0.2, update to version 1.0.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0399

RHSA-2005:335

RHSA-2005:336

RHSA-2005:337

RHSA-2005_323

RHSA-2005_335

RHSA-2005_336

RHSA-2005_337

Affected Products

Firefox

Mozilla Firefox

Red Hat

Thunderbird

PT-2005-1462 · Mozilla+1 · Mozilla Firefox+3

CVE-2005-0399

Related Identifiers

Affected Products

References · 47