Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2004-0904

Back to Search

SUSE Linux Security Vulnerability: CVE-2004-0904

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

12/31/2004

Created

07/25/2018

Added

02/17/2015

Modified

07/04/2017

Description

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

Solution(s)

suse-upgrade-mozilla
suse-upgrade-mozilla-calendar
suse-upgrade-mozilla-dom-inspector
suse-upgrade-mozilla-irc
suse-upgrade-mozilla-mail
suse-upgrade-mozilla-venkman

References

https://attackerkb.com/topics/cve-2004-0904
11171
TA04-261A
847200
CVE - 2004-0904
OVAL10952
SUSE-SA:2004:036
17381

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2004-0904