← back
CVE-2004-0904

CVE-2004-0904

EPSS 8.0%
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugzilla.mozilla.org/show_bug.cgi?id=255067http://marc.info/?l=bugtraq&m=109698896104418&w=2http://marc.info/?l=bugtraq&m=109900315219363&w=2http://security.gentoo.org/glsa/glsa-200409-26.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17381https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952http://www.kb.cert.org/vuls/id/847200http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3http://www.novell.com/linux/security/advisories/2004_36_mozilla.htmlhttp://www.securityfocus.com/bid/11171http://www.us-cert.gov/cas/techalerts/TA04-261A.html