Heap Memory Corruption in Netscape and Mozilla Browsers
CVE-2002-1091

Currently unrated

Key Information:

Vendor: Mozilla
Status: Mozilla; Navigator; Opera Web Browser
Vendor: CVE Published:; 4 October 2002

What is CVE-2002-1091?

Netscape 6.2.3 and earlier, alongside Mozilla 1.0.1, suffer from a vulnerability that allows remote attackers to exploit a flaw in GIF image processing. Specifically, a GIF image crafted with a zero width can lead to heap memory corruption, potentially enabling attackers to execute arbitrary code on the affected systems. This vulnerability underscores the importance of safe image processing practices and validates the need for updated software versions.

References

http://www.redhat.com/support/errata/RHSA-2003-046.html

vendor-advisoryx_refsource_REDHAT

http://bugzilla.mozilla.org/show_bug.cgi?id=157989

x_refsource_CONFIRM

http://www.securityfocus.com/bid/5665

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Sep 6, 2002