VDB
CVE-2005-0399
CVE-2005-0399
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
EPSS 41.28% · 97.5th percentile
Risk Scores
CVSS 2.0
5.099999904632568
EPSS Score
41.28%
97.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| mozilla | mozilla | 1.4, 1.4, 1.4.1 |
| mozilla | firefox | 0.8, 0.9, 0.9 |
| mozilla | thunderbird | 0.1, 0.2, 0.3 |
Timeline
- CVE Published
- Jul 30, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- RHSA-2005:323 vendor-advisory
- RHSA-2005:336 vendor-advisory
- ADV-2005-0296 vdb
- SCOSA-2005.49 vendor-advisory
- oval:org.mitre.oval:def:100028 vdb
- RHSA-2005:335 vendor-advisory
- 19823 third-party-advisory
- 15495 vdb
- P-160 third-party-advisory
- gif-extension-overflow(19269) vdb
- 12881 vdb
- http://www.mozilla.org/security/announce/mfsa2005-30.html url
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150877 url
- 20050323 Mozilla Foundation GIF Overflow third-party-advisory
- VU#557948 third-party-advisory
- GLSA-200503-30 vendor-advisory
- oval:org.mitre.oval:def:11377 vdb
- 14654 third-party-advisory
- SUSE-SA:2006:022 vendor-advisory
- RHSA-2005:337 vendor-advisory
…and 1 more