Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0904 | First vendor Publication | 2004-12-31 |
Vendor | Cve | Last vendor Modification | 2017-10-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0904 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10952 | |||
Oval ID: | oval:org.mitre.oval:def:10952 | ||
Title: | Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | ||
Description: | Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0904 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5012017.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-26 (Mozilla) File : nvt/glsa_200409_26.nasl |
2008-09-04 | Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird3.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10525 | Mozilla Multiple Products BMP Image Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Bitmap width integer overflow multipacket attempt RuleID : 3634 - Revision : 9 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Bitmap width integer overflow attempt RuleID : 3632 - Revision : 25 - Type : FILE-IMAGE |
2015-10-01 | Microsoft Windows Bitmap width integer overflow attempt RuleID : 35848 - Revision : 3 - Type : FILE-IMAGE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ab9c559e115a11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2004-10-20 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-107.nasl - Type : ACT_GATHER_INFO |
2004-10-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-486.nasl - Type : ACT_GATHER_INFO |
2004-09-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200409-26.nasl - Type : ACT_GATHER_INFO |
2004-09-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_multiple_flaws.nasl - Type : ACT_GATHER_INFO |
2004-09-15 | Name : The remote host has an application that is affected by multiple flaws. File : thunderbird_multiple_flaws.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:37 |
|
2024-02-01 12:01:33 |
|
2023-09-05 12:02:30 |
|
2023-09-05 01:01:25 |
|
2023-09-02 12:02:31 |
|
2023-09-02 01:01:24 |
|
2023-08-12 12:03:03 |
|
2023-08-12 01:01:25 |
|
2023-08-11 12:02:37 |
|
2023-08-11 01:01:26 |
|
2023-08-06 12:02:25 |
|
2023-08-06 01:01:26 |
|
2023-08-04 12:02:29 |
|
2023-08-04 01:01:26 |
|
2023-07-14 12:02:28 |
|
2023-07-14 01:01:27 |
|
2023-03-29 01:02:29 |
|
2023-03-28 12:01:31 |
|
2022-10-11 12:02:12 |
|
2022-10-11 01:01:18 |
|
2021-05-04 12:02:25 |
|
2021-04-22 01:02:34 |
|
2020-05-23 00:15:54 |
|
2019-06-25 12:01:01 |
|
2017-10-11 09:23:24 |
|
2017-07-11 12:01:31 |
|
2016-10-18 12:01:23 |
|
2016-04-26 12:54:02 |
|
2015-10-01 21:19:08 |
|
2014-02-17 10:28:06 |
|
2014-01-19 21:22:19 |
|
2013-08-02 13:19:35 |
|
2013-05-11 11:43:17 |
|