14937 : Multiple Browser GIF Processing Overflow
Printer | http://osvdb.org/14937 | Email This | Edit Vulnerability

Views This Week

1

Views All Time

1297

Info

Last Modified

about 1 year ago

Percent Complete

5%

Disclosure

Mar 23, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

This Entry needs help! It is only 5% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Keywords

SCOSA-2005.49

Description

(Description Provided by CVE) : Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.

Classification

Attack Type: Input Manipulation

Products

Unknown or Incomplete

References

Security Tracker: 1013517 1013518 1013519
Secunia Advisory ID: 14654 14684 14685 14699 14706 14709 14714 14735 14736 14737 15103 15432 17645 19823
ISS X-Force ID: 19269
CVE ID: 2005-0399 (see also: NVD)
CERT VU: 557948
Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01133
http://www.mozilla.org/security/announce/mfsa2005-30.html
http://www.novell.com/linux/security/advisories/2006_04_25.html
Other Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.25/SCOSA-2005.25.txt http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware- ......
http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
http://www.gentoo.org/security/en/glsa/glsa-200503-31.xml
http://www.gentoo.org/security/en/glsa/glsa-200503-32.xml
http://xforce.iss.net/xforce/alerts/id/191
Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=285595
CIAC Advisory: p-160
RedHat RHSA: RHSA-2005:323 RHSA-2005:337
Keyword: SCOSA-2005.49

Tools & Filters

Nessus	17603 17605 17619 17620 17624 17626 17627 17628 17632 18277 18320 18998 19632 19633 19634 20546
Snort	3534 3536 6502 6503

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

User Status

Account
- Login
- Sign-Up

Quick Searches

Advertisements

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2008 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use