Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0420

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0420
Last Modified 12 Apr 2011 12:00:00
Published 11 Feb 2008 10:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0420

Summary

modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10.

Vulnerable Systems

Application

  • Mozilla Firefox 0.1

  • Mozilla Firefox 0.2

  • Mozilla Firefox 0.3

  • Mozilla Firefox 0.4

  • Mozilla Firefox 0.5

  • Mozilla Firefox 0.6

  • Mozilla Firefox 0.6.1

  • Mozilla Firefox 0.7

  • Mozilla Firefox 0.7.1

  • Mozilla Firefox 0.8

  • Mozilla Firefox 0.9

  • Mozilla Firefox 0.9.1

  • Mozilla Firefox 0.9.2

  • Mozilla Firefox 0.9.3

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.8

  • Mozilla Firefox 1.5

  • Mozilla Firefox 1.5.0.1

  • Mozilla Firefox 1.5.0.10

  • Mozilla Firefox 1.5.0.12

  • Mozilla Firefox 1.5.0.2

  • Mozilla Firefox 1.5.0.4

  • Mozilla Firefox 1.5.0.6

  • Mozilla Firefox 1.5.0.7

  • Mozilla Firefox 1.5.0.9

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Thunderbird 0.1

  • Mozilla Thunderbird 0.5

  • Mozilla Thunderbird 0.6

  • Mozilla Thunderbird 0.7

  • Mozilla Thunderbird 0.8

  • Mozilla Thunderbird 0.9

  • Mozilla Thunderbird 1.0

  • Mozilla Thunderbird 1.0.2

  • Mozilla Thunderbird 1.0.5

  • Mozilla Thunderbird 1.0.6

  • Mozilla Thunderbird 1.0.8

  • Mozilla Thunderbird 1.5

  • Mozilla Thunderbird 1.5.0.12

  • Mozilla Thunderbird 1.5.0.13

  • Mozilla Thunderbird 1.5.0.14

  • Mozilla Thunderbird 1.5.0.2

  • Mozilla Thunderbird 1.5.0.4

  • Mozilla Thunderbird 1.5.0.5

  • Mozilla Thunderbird 1.5.0.7

  • Mozilla Thunderbird 1.5.0.9

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.11

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.9


References

FEDORA - FEDORA-2008-2118

FEDORA - FEDORA-2008-2060

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=408076

XF - firefox-bmp-dos(40606)

XF - firefox-bmp-information-disclosure(40491)

VUPEN - ADV-2008-1793

VUPEN - ADV-2008-0627

UBUNTU - USN-576-1

UBUNTU - USN-582-2

UBUNTU - USN-582-1

BID - 27826

BUGTRAQ - 20080216 [HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-07.html

MANDRIVA - MDVSA-2008:048

GENTOO - GLSA-200805-18

SUNALERT - 238492

SECTRACK - 1019434

SECUNIA - 30620

SECUNIA - 30327

SECUNIA - 29167

SECUNIA - 29098

SECUNIA - 29049

SECUNIA - 28839

SECUNIA - 28758

CONFIRM - http://browser.netscape.com/releasenotes/


Last Updated: 27 May 2016 10:46:48