Lucene search

[email protected]NVD:CVE-2005-0399

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0399

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.941 High

EPSS

Percentile

99.2%

JSON

Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.

Affected configurations

NVD

Node

mozillafirefoxMatch0.8

mozillafirefoxMatch0.9

mozillafirefoxMatch0.9rc

mozillafirefoxMatch0.9.1

mozillafirefoxMatch0.9.2

mozillafirefoxMatch0.9.3

mozillafirefoxMatch0.10

mozillafirefoxMatch0.10.1

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0.1

mozillamozillaMatch1.3

mozillamozillaMatch1.4

mozillamozillaMatch1.4alpha

mozillamozillaMatch1.4.1

mozillamozillaMatch1.5

mozillamozillaMatch1.5alpha

mozillamozillaMatch1.5rc1

mozillamozillaMatch1.5rc2

mozillamozillaMatch1.5.1

mozillamozillaMatch1.6

mozillamozillaMatch1.6alpha

mozillamozillaMatch1.6beta

mozillamozillaMatch1.7

mozillamozillaMatch1.7alpha

mozillamozillaMatch1.7beta

mozillamozillaMatch1.7rc1

mozillamozillaMatch1.7rc2

mozillamozillaMatch1.7rc3

mozillamozillaMatch1.7.1

mozillamozillaMatch1.7.2

mozillamozillaMatch1.7.3

mozillamozillaMatch1.7.5

mozillathunderbirdMatch0.1

mozillathunderbirdMatch0.2

mozillathunderbirdMatch0.3

mozillathunderbirdMatch0.4

mozillathunderbirdMatch0.5

mozillathunderbirdMatch0.6

mozillathunderbirdMatch0.7

mozillathunderbirdMatch0.7.1

mozillathunderbirdMatch0.7.2

mozillathunderbirdMatch0.7.3

mozillathunderbirdMatch0.8

mozillathunderbirdMatch0.9

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

secunia.com/advisories/14654

secunia.com/advisories/19823

www.ciac.org/ciac/bulletins/p-160.shtml

www.gentoo.org/security/en/glsa/glsa-200503-30.xml

www.kb.cert.org/vuls/id/557948

www.mozilla.org/security/announce/mfsa2005-30.html

www.novell.com/linux/security/advisories/2006_04_25.html

www.redhat.com/support/errata/RHSA-2005-323.html

www.redhat.com/support/errata/RHSA-2005-335.html

www.redhat.com/support/errata/RHSA-2005-336.html

www.redhat.com/support/errata/RHSA-2005-337.html

www.securityfocus.com/bid/12881

www.securityfocus.com/bid/15495

www.vupen.com/english/advisories/2005/0296

xforce.iss.net/xforce/alerts/id/191

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877

exchange.xforce.ibmcloud.com/vulnerabilities/19269

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100028

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11377

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.941 High

EPSS

Percentile

99.2%

JSON

Related for NVD:CVE-2005-0399

nessus17 saint4 openvas11 mozilla1 cert1 ubuntucve1 cve1 cvelist1 checkpoint_advisories2 freebsd1 redhat4 gentoo3 suse2 ubuntu1