CERT VU#722244
Jan 18, 2007 - 12:00 a.m.

Mozilla products vulnerable to heap overflow via miscalculated size during conversion of an image

2007-01-18 00:00:00
www.kb.cert.org

CVSS2: 6.8 Medium

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.237 Low
Percentile: 96.5%

Overview

A vulnerability exists in Mozilla products that may allow a remote attacker to execute arbitrary code or cause a denial of service.

Description

Mozilla products contain a vulnerability in the CSS cursor property on Microsoft Windows that may result in a crash when handling malicious images. According to the Mozilla Foundation Security Advisory 2006-69:

A miscalculated size during conversion of the image to a Windows bitmap can result in a heap buffer overflow which could be used to compromise the victim’s computer.

Mozilla also states that this flaw affects both Firefox 2 and Firefox 1.5 but not the earlier Firefox 1.0 or Mozilla Suite products.


Impact

A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service.


Solution

Apply an update
According to the Mozilla Foundation Security Advisory 2006-69, this vulnerability is addressed in Firefox 2.0.0.1, Firefox 1.5.0.9, Thunderbird 1.5.0.9, and SeaMonkey 1.0.7.


Vendor Information


Gentoo Linux: Affected

Updated: January 18, 2007

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Gentoo Linux has published advisories GLSA 200701-02, 200701-03, and 200701-04 in response to this issue. Please refer to those advisories for additional details.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23722244 Feedback>).

Mandriva, Inc.: Affected

Updated: January 18, 2007

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Mandriva has published advisories MDKSA-2007:010 and MDKSA-2007:011 in response to this issue. Please refer to those advisories for additional details.


Mozilla: Affected

Updated: December 21, 2006

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Refer to Mozilla Foundation Security Advisory 2006-69.


SUSE Linux: Affected

Updated: January 18, 2007

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Refer to SUSE-SA:2007:006.


Acknowledgements

This issue is addressed in Mozilla Foundation Security Advisory 2006-69. Mozilla credits Frederik Reiss with providing information about this issue.

This document was written by Chris Taschner.

Other Information

CVE IDs: CVE-2006-6500
Severity Metric: 12.15
Date Public:
