Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0904

Опубликовано: 31 дек. 2004
Источник: nvd
CVSS2: 10
EPSS Средний

Описание

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*
cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*

EPSS

Процентиль: 95%
0.20716
Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat логотип

CVE-2004-0904

redhat
почти 21 год назад

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

debian логотип

CVE-2004-0904

debian
больше 20 лет назад

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox befor ...

github логотип

GHSA-238r-rqpq-9cqf

github
около 3 лет назад

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

EPSS

Процентиль: 95%
0.20716
Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other