CVE-2004-0904
CVSS10.0
发布时间 :2004-12-31 00:00:00
修订时间 :2016-10-17 22:49:51
NMCO    

[原文]Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.


[CNNVD]Mozilla浏览器BMP图像译码多个整数溢出漏洞(CNNVD-200412-656)

        Mozilla Firefox Preview Release之前版本,Mozilla 1.7.3之前版本,以及Thunderbird 0.8之前版本中的位图(BMP)译码存在整数溢出漏洞。远程攻击者可以借助触发基于堆的缓冲区溢出的宽位图文件执行任意代码。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:mozilla:firefox:0.9.1Mozilla Firefox 0.9.1
cpe:/o:redhat:enterprise_linux:2.1::advanced_server
cpe:/o:redhat:enterprise_linux:3.0::advanced_server
cpe:/a:mozilla:firefox:0.9.2Mozilla Firefox 0.9.2
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server
cpe:/o:redhat:enterprise_linux:3.0::enterprise_server
cpe:/o:conectiva:linux:10.0Conectiva Linux 10.0
cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64
cpe:/a:mozilla:mozilla:1.7.1Mozilla Mozilla 1.7.1
cpe:/a:mozilla:mozilla:1.7.2Mozilla Mozilla 1.7.2
cpe:/a:netscape:navigator:7.0.2Netscape Navigator 7.0.2
cpe:/o:redhat:linux:7.3Red Hat Linux 7.3
cpe:/o:redhat:linux:9.0::i386
cpe:/a:netscape:navigator:7.0Netscape Navigator 7.0
cpe:/o:redhat:linux:7.3::i386
cpe:/a:mozilla:firefox:0.9Mozilla Firefox 0.9
cpe:/o:redhat:enterprise_linux:3.0::workstation_server
cpe:/a:mozilla:firefox:0.8Mozilla Firefox 0.8
cpe:/a:netscape:navigator:7.2Netscape Navigator 7.2
cpe:/o:redhat:enterprise_linux:2.1::workstation
cpe:/a:mozilla:thunderbird:0.7.2Mozilla Thunderbird 0.7.2
cpe:/a:netscape:navigator:7.1Netscape Navigator 7.1
cpe:/o:redhat:enterprise_linux_desktop:3.0Red Hat Desktop 3.0
cpe:/a:mozilla:firefox:0.9:rcMozilla Firefox 0.9 rc
cpe:/a:mozilla:mozilla:1.7:rc3Mozilla Mozilla 1.7 rc3
cpe:/a:mozilla:thunderbird:0.7.1Mozilla Thunderbird 0.7.1
cpe:/a:mozilla:firefox:0.9.3Mozilla Firefox 0.9.3
cpe:/a:mozilla:thunderbird:0.7.3Mozilla Thunderbird 0.7.3
cpe:/o:conectiva:linux:9.0Conectiva Linux 9.0
cpe:/o:redhat:linux:7.3::i686
cpe:/a:mozilla:thunderbird:0.6Mozilla Thunderbird 0.6
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64
cpe:/a:mozilla:thunderbird:0.7Mozilla Thunderbird 0.7
cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64
cpe:/a:mozilla:mozilla:1.7Mozilla Mozilla 1.7
cpe:/o:redhat:linux_advanced_workstation:2.1::ia64
cpe:/o:redhat:fedora_core:core_1.0
cpe:/o:redhat:linux_advanced_workstation:2.1::itanium_processor

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10952Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0....
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0904
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0904
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200412-656
(官方数据源) CNNVD

- 其它链接及资源

http://bugzilla.mozilla.org/show_bug.cgi?id=255067
(VENDOR_ADVISORY)  CONFIRM  http://bugzilla.mozilla.org/show_bug.cgi?id=255067
http://marc.info/?l=bugtraq&m=109698896104418&w=2
(UNKNOWN)  HP  SSRT4826
http://marc.info/?l=bugtraq&m=109900315219363&w=2
(UNKNOWN)  FEDORA  FLSA:2089
http://security.gentoo.org/glsa/glsa-200409-26.xml
(UNKNOWN)  GENTOO  GLSA-200409-26
http://www.kb.cert.org/vuls/id/847200
(VENDOR_ADVISORY)  CERT-VN  VU#847200
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
(UNKNOWN)  CONFIRM  http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
http://www.novell.com/linux/security/advisories/2004_36_mozilla.html
(UNKNOWN)  SUSE  SUSE-SA:2004:036
http://www.securityfocus.com/bid/11171
(VENDOR_ADVISORY)  BID  11171
http://www.us-cert.gov/cas/techalerts/TA04-261A.html
(UNKNOWN)  CERT  TA04-261A
http://xforce.iss.net/xforce/xfdb/17381
(VENDOR_ADVISORY)  XF  mozilla-netscape-bmp-bo(17381)

- 漏洞信息

Mozilla浏览器BMP图像译码多个整数溢出漏洞
危急 缓冲区溢出
2004-12-31 00:00:00 2006-08-23 00:00:00
远程  
        Mozilla Firefox Preview Release之前版本,Mozilla 1.7.3之前版本,以及Thunderbird 0.8之前版本中的位图(BMP)译码存在整数溢出漏洞。远程攻击者可以借助触发基于堆的缓冲区溢出的宽位图文件执行任意代码。

- 公告与补丁

        This issue has been addressed in Mozilla 1.7.3, Firefox Preview
        Release, and Thunderbird 0.8.
        Conectiva has released an advisory (CLA-2004:877) to address various issues including this issue in Mozilla. This advisory contains updated Mozilla packages (1.7.3) for Conectiva Linux 9 and 10. Please see the referenced advisory for more information.
        Gentoo has released an advisory (GLSA 200409-26) to address various issues in Mozilla Browsers. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems.
        emerge sync
        emerge -pv your-version
        emerge your-version
        RedHat Linux has released advisory RHSA-2004:486-18 along with fixes to address this, and other issues for RedHat Enterprise Linux operating systems. Please see the referenced advisory for further information on obtaining fixes.
        HP has released an advisory (SSRT4826) dealing with this issue for their Tru64 UNIX platform. Please see the referenced advisory for more information.
        The Fedora Legacy project has released advisory FLSA-2004:2089 along with fixes to address multiple issues in RedHat Fedora Core 1, and RedHat Linux 7.3 and 9.0. Please see the referenced advisory for further information.
        Mozilla Thunderbird 0.6
        
        Mozilla Thunderbird 0.7
        
        Mozilla Thunderbird 0.7.1
        
        Mozilla Thunderbird 0.7.2
        
        Mozilla Thunderbird 0.7.3
        
        Mozilla Firefox 0.8
        
        Mozilla Firefox 0.9
        
        Mozilla Firefox 0.9 rc
        
        Mozilla Firefox 0.9.1
        
        Mozilla Firefox 0.9.2
        
        Mozilla Firefox 0.9.3
        
        Mozilla Browser 1.7
        
        Mozilla Browser 1.7 rc3
        
        Mozilla Browser 1.7.1
        
        Mozilla Browser 1.7.2
        

- 漏洞信息

10525
Mozilla Multiple Products BMP Image Overflow
Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

2004-09-14 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站