Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:1EB193E4235BBBDCF04AC6AA3BD7BC9E
HistoryJun 09, 2006 - 12:00 a.m.

Mozilla Firefox GIF processing buffer overflow

2006-06-0900:00:00
SAINT Corporation
download.saintcorporation.com
13

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.954 High

EPSS

Percentile

99.2%

JSON

Added: 06/09/2006
CVE: CVE-2005-0399
BID: 12881
OSVDB: 14937

Background

Mozilla is a suite of Internet client products available for multiple platforms.

Problem

A heap overflow in Mozilla Firefox when processing GIF images with the obsolete Netscape extension 2 allows command execution when a user visits a malicious web site.

Resolution

Upgrade to Firefox 1.0.2 or higher.

References

<http://www.mozilla.org/security/announce/2005/mfsa2005-30.html&gt;

Limitations

Exploit works on Firefox 1.0.1. In order for exploitation to succeed, a user must load the exploit page in a vulnerable browser.

Platforms

Windows 2000
Windows XP

Related

nessus 17
openvas 11
mozilla 1
ubuntucve 1
cert 1
cve 1
saint 3
checkpoint_advisories 2
freebsd 1
redhat 4
gentoo 3
suse 2
ubuntu 1
nessus
nessus
FreeBSD : mozilla -- heap buffer overflow in GIF image processing (7d2aac52-9c6b-11d9-99a7-000a95bc6fae)
2005-07-13 00:00:00
Mozilla Thunderbird < 1.0.2 Browser GIF Processing Overflow
2005-03-23 00:00:00
Fedora Core 3 : thunderbird-1.0.2-1.3.1 (2005-247)
2005-09-12 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200503-31 (Firefox)
2008-09-24 00:00:00
mozilla
mozilla
GIF heap overflow parsing Netscape extension 2 — Mozilla
2005-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2005-0399
2005-05-02 00:00:00
cert
cert
Mozilla products vulnerable to heap overflow via specially crafted GIF file
2005-03-30 00:00:00
cve
cve
CVE-2005-0399
2005-05-02 04:00:00
saint
saint
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
Mozilla Firefox GIF processing buffer overflow
2006-06-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Products Malformed GIF Buffer Overflow (CVE-2005-0399)
2015-08-31 00:00:00
Multiple Products Malformed GIF Image File Handling Buffer Overflow (CVE-2005-0243; CVE-2005-0399; CVE-2007-1071)
2005-03-26 00:00:00
freebsd
freebsd
mozilla -- heap buffer overflow in GIF image processing
2005-03-10 00:00:00
redhat
redhat
(RHSA-2005:337) thunderbird security update
2005-03-23 00:00:00
(RHSA-2005:336) firefox security update
2005-03-23 00:00:00
(RHSA-2005:323) mozilla security update
2005-03-23 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2005-03-25 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2005-03-25 00:00:00
Mozilla Suite: Multiple vulnerabilities
2005-03-25 00:00:00
suse
suse
remote code execution in MozillaThunderbird
2006-04-25 13:15:04
remote code execution in phpMyAdmin
2006-01-26 13:53:52
ubuntu
ubuntu
Ubuntu 4.10 update for Firefox vulnerabilities
2005-07-28 00:00:00

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.954 High

EPSS

Percentile

99.2%

JSON
Related for SAINT:1EB193E4235BBBDCF04AC6AA3BD7BC9E
nessus17openvas11mozilla1ubuntucve1cert1cve1saint3checkpoint_advisories2freebsd1redhat4gentoo3suse2ubuntu1