Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2701

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2701
Last Modified 07 Mar 2011 09:24:54
Published 23 Sep 2005 03:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2701

Summary

Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.

Vulnerable Systems

Application

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Suite 1.7.10

  • Mozilla Suite 1.7.11

  • Mozilla Suite 1.7.6

  • Mozilla Suite 1.7.7

  • Mozilla Suite 1.7.8


References

VUPEN - ADV-2005-1824

REDHAT - RHSA-2005:785

CONFIRM - http://www.mozilla.org/security/announce/mfsa2005-58.html

MANDRIVA - MDKSA-2005:170

MANDRIVA - MDKSA-2005:169

SECTRACK - 1014954

XF - mozilla-xbm-bo(22373)

UBUNTU - USN-200-1

BID - 15495

BID - 14916

REDHAT - RHSA-2005:789

FEDORA - FLSA-2006:168375

OSVDB - 19643

SUSE - SUSE-SA:2005:058

MANDRIVA - MDKSA-2005:174

DEBIAN - DSA-868

DEBIAN - DSA-866

DEBIAN - DSA-838

SECUNIA - 17284

SECUNIA - 17263

SECUNIA - 17149

SECUNIA - 17026

SECUNIA - 17014

SECUNIA - 16977

SECUNIA - 16917

SECUNIA - 16911

SCO - SCOSA-2005.49


Last Updated: 27 May 2016 10:40:36