Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0904
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-0904

2004-12-3105:00:00
[email protected]
web.nvd.nist.gov
43
cve-2004-0904
bitmap decoder
mozilla
firefox
thunderbird
integer overflow
heap-based buffer overflow
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.117 Low

EPSS

Percentile

95.3%

JSON

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

Affected configurations

NVD
Node
mozillafirefoxMatch0.8
OR
mozillafirefoxMatch0.9
OR
mozillafirefoxMatch0.9rc
OR
mozillafirefoxMatch0.9.1
OR
mozillafirefoxMatch0.9.2
OR
mozillafirefoxMatch0.9.3
OR
mozillamozillaMatch1.7
OR
mozillamozillaMatch1.7rc3
OR
mozillamozillaMatch1.7.1
OR
mozillamozillaMatch1.7.2
OR
mozillathunderbirdMatch0.6
OR
mozillathunderbirdMatch0.7
OR
mozillathunderbirdMatch0.7.1
OR
mozillathunderbirdMatch0.7.2
OR
mozillathunderbirdMatch0.7.3
OR
netscapenavigatorMatch7.0
OR
netscapenavigatorMatch7.0.2
OR
netscapenavigatorMatch7.1
OR
netscapenavigatorMatch7.2
OR
conectivalinuxMatch9.0
OR
conectivalinuxMatch10.0
Node
redhatenterprise_linuxMatch2.1advanced_server
OR
redhatenterprise_linuxMatch2.1advanced_server_ia64
OR
redhatenterprise_linuxMatch2.1enterprise_server
OR
redhatenterprise_linuxMatch2.1enterprise_server_ia64
OR
redhatenterprise_linuxMatch2.1workstation
OR
redhatenterprise_linuxMatch2.1workstation_ia64
OR
redhatenterprise_linuxMatch3.0advanced_server
OR
redhatenterprise_linuxMatch3.0enterprise_server
OR
redhatenterprise_linuxMatch3.0workstation_server
OR
redhatenterprise_linux_desktopMatch3.0
OR
redhatfedora_coreMatchcore_1.0
OR
redhatlinuxMatch7.3
OR
redhatlinuxMatch7.3i386
OR
redhatlinuxMatch7.3i686
OR
redhatlinuxMatch9.0i386
OR
redhatlinux_advanced_workstationMatch2.1ia64
OR
redhatlinux_advanced_workstationMatch2.1itanium_processor

Related

freebsd 1
nessus 6
openvas 6
nvd 1
cvelist 1
checkpoint_advisories 1
redhat 1
gentoo 1
suse 1
freebsd
freebsd
mozilla -- BMP decoder vulnerabilities
2004-09-13 00:00:00
nessus
nessus
FreeBSD : mozilla -- BMP decoder vulnerabilities (ab9c559e-115a-11d9-bc4a-000c41e2cdad)
2005-07-13 00:00:00
Mozilla < 1.7.3 / Thunderbird < 0.8 Multiple Vulnerabilities
2004-09-15 00:00:00
Mozilla Browsers Multiple Vulnerabilities
2004-09-15 00:00:00
openvas
openvas
FreeBSD Ports: thunderbird
2008-09-04 00:00:00
FreeBSD Ports: thunderbird
2008-09-04 00:00:00
SLES9: Security update for Mozilla
2009-10-10 00:00:00
nvd
nvd
CVE-2004-0904
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-0904
2004-09-24 04:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI+ BMP File Parsing Integer Overflow (MS08-052; CVE-2004-0904; CVE-2008-3015)
2008-09-09 00:00:00
redhat
redhat
(RHSA-2004:486) mozilla security update
2004-09-30 00:00:00
gentoo
gentoo
Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities
2004-09-20 00:00:00
suse
suse
various vulnerabilities in mozilla
2004-10-06 13:11:21

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.117 Low

EPSS

Percentile

95.3%

JSON
Related for CVE-2004-0904
freebsd1nessus6openvas6nvd1cvelist1checkpoint_advisories1redhat1gentoo1suse1