Integer Overflow Vulnerability in Mozilla Firefox and Thunderbird Products
CVE-2004-0904

Currently unrated

Key Information:

Vendor

Mozilla
Status
Thunderbird
Firefox
Linux
Mozilla
Vendor
CVE Published:
31 December 2004

What is CVE-2004-0904?

An integer overflow vulnerability exists in the BMP decoder for Mozilla Firefox and Thunderbird, allowing remote attackers to execute arbitrary code. By sending specially crafted wide bitmap files, attackers can trigger heap-based buffer overflows, potentially compromising the security of affected systems. This flaw impacts versions prior to Firefox 1.7.3 and Thunderbird 0.8, necessitating prompt updates to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17381
vdb-entryx_refsource_XF
http://www.novell.com/linux/security/advisories/2004_36_m...
vendor-advisoryx_refsource_SUSE
http://marc.info/?l=bugtraq&m=109900315219363&w=2
vendor-advisoryx_refsource_FEDORA

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.