CVE-2004-0902
CVSS10.0
发布时间 :2005-01-27 00:00:00
修订时间 :2016-10-17 22:49:49
NMCOS    

[原文]Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.


[CNNVD]Mozilla 多款浏览器软件 多个 缓存区溢出漏洞(CNNVD-200501-288)

        Mozilla是著名的浏览器软件。
        多个Mozilla浏览器(Firefox预览版之前的版本、Mozilla 1.7.3之前的版本及 Thunderbird 0.8之前版本)存在多个缓冲溢出漏洞。
        远程攻击者可以通过"Send page" 功能、恶意POP3应答或包含有非ASCII主机名的链接,导致应用程序崩溃或执行任意代码。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/o:redhat:enterprise_linux:2.1::advanced_server
cpe:/o:redhat:enterprise_linux:3.0::advanced_server
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server
cpe:/o:redhat:enterprise_linux:3.0::enterprise_server
cpe:/o:conectiva:linux:10.0Conectiva Linux 10.0
cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64
cpe:/o:suse:suse_linux:1.0::desktop
cpe:/a:mozilla:mozilla:1.7.1Mozilla Mozilla 1.7.1
cpe:/a:mozilla:mozilla:1.7.2Mozilla Mozilla 1.7.2
cpe:/o:suse:suse_linux:9.0::x86_64
cpe:/o:redhat:linux:7.3Red Hat Linux 7.3
cpe:/o:redhat:linux:9.0::i386
cpe:/o:redhat:linux:7.3::i386
cpe:/o:redhat:enterprise_linux:3.0::workstation_server
cpe:/o:redhat:enterprise_linux:2.1::workstation
cpe:/a:mozilla:thunderbird:0.7.2Mozilla Thunderbird 0.7.2
cpe:/o:redhat:enterprise_linux_desktop:3.0Red Hat Desktop 3.0
cpe:/a:mozilla:thunderbird:0.7.1Mozilla Thunderbird 0.7.1
cpe:/a:mozilla:thunderbird:0.7.3Mozilla Thunderbird 0.7.3
cpe:/o:conectiva:linux:9.0Conectiva Linux 9.0
cpe:/o:redhat:linux:7.3::i686
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64
cpe:/a:mozilla:thunderbird:0.7Mozilla Thunderbird 0.7
cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64
cpe:/a:mozilla:mozilla:1.7Mozilla Mozilla 1.7
cpe:/o:redhat:linux_advanced_workstation:2.1::ia64
cpe:/o:suse:suse_linux:8.1SuSE SuSE Linux 8.1
cpe:/o:suse:suse_linux:9.0SuSE SuSE Linux 9.0
cpe:/o:redhat:fedora_core:core_1.0
cpe:/o:redhat:linux_advanced_workstation:2.1::itanium_processor
cpe:/o:suse:suse_linux:8::enterprise_server
cpe:/o:suse:suse_linux:9.0::enterprise_server
cpe:/o:suse:suse_linux:8.2SuSE SuSE Linux 8.2
cpe:/o:suse:suse_linux:9.1SuSE SuSE Linux 9.1

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:11201Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow r...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0902
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0902
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200501-288
(官方数据源) CNNVD

- 其它链接及资源

http://bugzilla.mozilla.org/show_bug.cgi?id=226669
(UNKNOWN)  CONFIRM  http://bugzilla.mozilla.org/show_bug.cgi?id=226669
http://bugzilla.mozilla.org/show_bug.cgi?id=245066
(UNKNOWN)  CONFIRM  http://bugzilla.mozilla.org/show_bug.cgi?id=245066
http://bugzilla.mozilla.org/show_bug.cgi?id=256316
(UNKNOWN)  CONFIRM  http://bugzilla.mozilla.org/show_bug.cgi?id=256316
http://bugzilla.mozilla.org/show_bug.cgi?id=258005
(UNKNOWN)  CONFIRM  http://bugzilla.mozilla.org/show_bug.cgi?id=258005
http://marc.info/?l=bugtraq&m=109698896104418&w=2
(UNKNOWN)  HP  SSRT4826
http://marc.info/?l=bugtraq&m=109900315219363&w=2
(UNKNOWN)  FEDORA  FLSA:2089
http://security.gentoo.org/glsa/glsa-200409-26.xml
(UNKNOWN)  GENTOO  GLSA-200409-26
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
(UNKNOWN)  CONFIRM  http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
(UNKNOWN)  SUSE  SUSE-SA:2004:036
http://www.us-cert.gov/cas/techalerts/TA04-261A.html
(VENDOR_ADVISORY)  CERT  TA04-261A
http://xforce.iss.net/xforce/xfdb/17378
(UNKNOWN)  XF  mozilla-netscape-nonascii-bo(17378)
http://xforce.iss.net/xforce/xfdb/17379
(VENDOR_ADVISORY)  XF  mozilla-nspop3protocol-bo(17379)

- 漏洞信息

Mozilla 多款浏览器软件 多个 缓存区溢出漏洞
危急 缓冲区溢出
2005-01-27 00:00:00 2005-10-20 00:00:00
远程  
        Mozilla是著名的浏览器软件。
        多个Mozilla浏览器(Firefox预览版之前的版本、Mozilla 1.7.3之前的版本及 Thunderbird 0.8之前版本)存在多个缓冲溢出漏洞。
        远程攻击者可以通过"Send page" 功能、恶意POP3应答或包含有非ASCII主机名的链接,导致应用程序崩溃或执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://www.mozilla.org/

- 漏洞信息

10526
Mozilla Multiple Products Send Page Overflow
Input Manipulation
Loss of Integrity
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2004-09-14 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Mozilla Multiple URI Processing Heap Based Buffer Overflow Vulnerabilities
Boundary Condition Error 11170
Yes No
2004-09-14 12:00:00 2009-07-12 07:06:00
Discovery of this issue is credited to Georgi Guninski <guninski@guninski.com>.

- 受影响的程序版本

SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Mozilla Thunderbird 0.7.3
Mozilla Thunderbird 0.7.2
Mozilla Thunderbird 0.7.1
Mozilla Thunderbird 0.7
Mozilla Browser 1.7.2
Mozilla Browser 1.7.1
Mozilla Browser 1.7
Conectiva Linux 10.0
Conectiva Linux 9.0
Mozilla Thunderbird 0.8
Mozilla Browser 1.7.3
+ HP HP-UX B.11.23
+ HP HP-UX B.11.22
+ HP HP-UX B.11.22
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.00
+ HP HP-UX B.11.00
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6
+ HP Tru64 5.1 A PK6

- 不受影响的程序版本

Mozilla Thunderbird 0.8
Mozilla Browser 1.7.3
+ HP HP-UX B.11.23
+ HP HP-UX B.11.22
+ HP HP-UX B.11.22
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.00
+ HP HP-UX B.11.00
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6
+ HP Tru64 5.1 A PK6

- 漏洞讨论

Mozilla is reportedly affected by multiple heap based buffer overflow vulnerabilities when processing URIs in emails. These issues are due to a failure of the affected application to validate user-supplied string lengths before copying them into finite process buffers.

An attacker might leverage these issues to have arbitrary code executed in the context of the user running the vulnerable application.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

- 解决方案

This issue has been addressed in Mozilla 1.7.3 and Thunderbird 0.8.

Conectiva has released an advisory (CLA-2004:877) to address various issues including this issue in Mozilla. This advisory contains updated Mozilla packages (1.7.3) for Conectiva Linux 9 and 10. Please see the referenced advisory for more information.

Gentoo has released an advisory (GLSA 200409-26) to address various issues in Mozilla Browsers. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems.

emerge sync
emerge -pv your-version
emerge your-version

RedHat Linux has released advisory RHSA-2004:486-18 along with fixes to address this, and other issues for RedHat Enterprise Linux operating systems. Please see the referenced advisory for further information on obtaining fixes.

HP has released an advisory (SSRT4826) dealing with this issue for their Tru64 UNIX platform. Please see the referenced advisory for more information.

SuSE Linux has released advisory SUSE-SA:2004:036 along with fixes dealing with this issue. Please see the referenced advisory for more information.

MandrakeSoft has issued patches. Users are advised to see the attached advisory for more detail.

The Fedora Legacy project has released advisory FLSA-2004:2089 along with fixes to address multiple issues in RedHat Fedora Core 1, and RedHat Linux 7.3 and 9.0. Please see the referenced advisory for further information.


Mozilla Thunderbird 0.7

Mozilla Thunderbird 0.7.1

Mozilla Thunderbird 0.7.2

Mozilla Thunderbird 0.7.3

Mozilla Browser 1.7

Mozilla Browser 1.7.1

Mozilla Browser 1.7.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站