Vulnerability in Conectiva Linux
CVE-2004-0904
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based bu…
EPSS: 0.080 (94.0th percentile) — read the EPSS interpretation.
Affected products
- Conectiva Linux — versions 9.0, 10.0
- Mozilla Firefox — versions 0.8, 0.9, 0.9.1
- Mozilla — versions 1.7, 1.7.1, 1.7.2
- Mozilla Thunderbird — versions 0.6, 0.7, 0.7.1
- Netscape Navigator — versions 7.0, 7.0.2, 7.1
- Redhat Enterprise_linux — versions 2.1, 3.0
- Redhat Enterprise_linux_desktop — versions 3.0
- Redhat Fedora_core — versions core_1.0
- Redhat Linux — versions 7.3, 9.0
- Redhat Linux_advanced_workstation — versions 2.1
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vendor-advisory, x_refsource_SUSE)
- cve@mitre.org (x_refsource_FEDORA, vendor-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (US Government Resource, x_refsource_CERT, third-party-advisory)
- cve@mitre.org (x_refsource_HP, vendor-advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)