Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2061

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-2061
Last Modified 10 Sep 2008 03:16:16
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2061

Summary

Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.

Vulnerable Systems

Application

  • Mozilla 1.0

  • Netscape Navigator 6.2.3


References

CONFIRM - http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html

XF - links-png-image-bo(9287)

CONFIRM - http://bugzilla.mozilla.org/show_bug.cgi?id=157202

MANDRAKE - MDKSA-2002:074


Last Updated: 27 May 2016 10:37:36