Lucene search

MitreCVE-2002-2061

HistoryJul 14, 2005 - 4:00 a.m.

CVE-2002-2061

2005-07-1404:00:00

mitre

web.nvd.nist.gov

cve-2002-2061

heap-based buffer overflow

netscape 6.2.3

mozilla 1.0

remote execution

png image vulnerability

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.029

Percentile

90.8%

JSON

Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.

Affected configurations

Nvd

Node

mozillamozillaRange≤1.0

netscapenavigatorMatch6.2.3

VendorProductVersionCPE
mozillamozilla*cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*
netscapenavigator6.2.3cpe:2.3:a:netscape:navigator:6.2.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	mozilla	*	cpe:2.3:a:mozilla:mozilla::::::::
netscape	navigator	6.2.3	cpe:2.3:a:netscape:navigator:6.2.3:::::::*

References

bugzilla.mozilla.org/show_bug.cgi?id=157202

www.iss.net/security_center/static/9287.php

www.mandriva.com/security/advisories?name=MDKSA-2002:074

www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.029

Percentile

90.8%

JSON

Related for CVE-2002-2061