CVE-2005-2701

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite
Vendor: CVE Published:; 23 September 2005

Summary

Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.debian.org/security/2005/dsa-868

vendor-advisoryx_refsource_DEBIAN

http://www.vupen.com/english/advisories/2005/1824

vdb-entryx_refsource_VUPEN

EPSS Score

53% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 23, 2005
Vulnerability Reserved
Aug 26, 2005