CVE ID:	CVE-2004-0904
Description:	Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
Test IDs:	1.3.6.1.4.1.25623.1.0.52368   1.3.6.1.4.1.25623.1.0.51179
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0904 http://marc.theaimsgroup.com/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml HPdes Security Advisory: SSRT4826 http://marc.theaimsgroup.com/?l=bugtraq&m=109698896104418&w=2 SuSE Security Announcement: SUSE-SA:2004:036 (Google Search) http://www.novell.com/linux/security/advisories/2004_36_mozilla.html Cert/CC Advisory: TA04-261A http://www.us-cert.gov/cas/techalerts/TA04-261A.html CERT/CC vulnerability note: VU#847200 http://www.kb.cert.org/vuls/id/847200 BugTraq ID: 11171 http://www.securityfocus.com/bid/11171 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10952 XForce ISS Database: mozilla-netscape-bmp-bo(17381) http://xforce.iss.net/xforce/xfdb/17381

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: