Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla prior to 1.7.3, and Thunderbird prior to 0.8 allow remote malicious users to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 0.8 |
||
mozilla firefox 0.9 |
||
mozilla mozilla 1.7.2 |
||
mozilla mozilla 1.7 |
||
netscape navigator 7.0.2 |
||
netscape navigator 7.1 |
||
mozilla mozilla 1.7.1 |
||
mozilla thunderbird 0.7.3 |
||
netscape navigator 7.0 |
||
mozilla firefox 0.9.1 |
||
mozilla firefox 0.9.2 |
||
mozilla thunderbird 0.6 |
||
mozilla thunderbird 0.7 |
||
netscape navigator 7.2 |
||
conectiva linux 10.0 |
||
mozilla firefox 0.9.3 |
||
mozilla thunderbird 0.7.1 |
||
mozilla thunderbird 0.7.2 |
||
conectiva linux 9.0 |
||
redhat enterprise linux 2.1 |
||
redhat linux 7.3 |
||
redhat enterprise linux desktop 3.0 |
||
redhat fedora core core_1.0 |
||
redhat enterprise linux 3.0 |
||
redhat linux 9.0 |
||
redhat linux advanced workstation 2.1 |