Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:XBM-BO |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Firefox XBM Image Processing Buffer Overflow |
Release Date |
2010/09/22 |
Update Number |
1777 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Firefox XBM Image Processing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the FireFox XBM Image Processor. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application's process user.
Extended Description
Mozilla and Firefox browsers are prone to a heap overflow when processing malformed XBM images. Successful exploitation can result in arbitrary code execution.
Affected Products
- Conectiva linux 10.0.0
- Debian linux 3.1.0
- Debian linux 3.1.0 Alpha
- Debian linux 3.1.0 Amd64
- Debian linux 3.1.0 Arm
- Debian linux 3.1.0 Hppa
- Debian linux 3.1.0 Ia-32
- Debian linux 3.1.0 Ia-64
- Debian linux 3.1.0 M68k
- Debian linux 3.1.0 Mips
- Debian linux 3.1.0 Mipsel
- Debian linux 3.1.0 Ppc
- Debian linux 3.1.0 S/390
- Debian linux 3.1.0 Sparc
- Gentoo linux
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva linux_mandrake 10.1.0
- Mandriva linux_mandrake 10.1.0 X86 64
- Mandriva linux_mandrake 10.2.0
- Mandriva linux_mandrake 10.2.0 X86 64
- Mandriva linux_mandrake 2006.0.0
- Mandriva linux_mandrake 2006.0.0 X86 64
- Mozilla browser 1.6.0
- Mozilla browser 1.7.0
- Mozilla browser 1.7.0 Alpha
- Mozilla browser 1.7.0 Beta
- Mozilla browser 1.7.0 Rc1
- Mozilla browser 1.7.0 Rc2
- Mozilla browser 1.7.0 Rc3
- Mozilla browser 1.7.1
- Mozilla browser 1.7.11
- Mozilla browser 1.7.2
- Mozilla browser 1.7.3
- Mozilla browser 1.7.4
- Mozilla browser 1.7.5
- Mozilla browser 1.7.6
- Mozilla browser 1.7.7
- Mozilla browser 1.7.8
- Mozilla browser 1.7.9
- Mozilla firefox 1.0.0
- Mozilla firefox 1.0.1
- Mozilla firefox 1.0.2
- Mozilla firefox 1.0.3
- Mozilla firefox 1.0.4
- Mozilla firefox 1.0.5
- Mozilla firefox 1.0.6
- Netscape browser 8.0.3 .3
- Red_hat fedora Core1
- Red_hat fedora Core2
- Red_hat fedora Core3
- Red_hat fedora Core4
- Red_hat linux 7.3.0
- Red_hat linux 7.3.0 I386
- Red_hat linux 7.3.0 I686
- Red_hat linux 9.0.0 I386
- Sgi propack 3.0.0 SP6
- Slackware linux 10.0.0
- Slackware linux 10.1.0
- Slackware linux 10.2.0
- Slackware linux -Current
- Suse beagle 10.0.0
- Suse linux_desktop 1.0.0
- Suse linux_enterprise_server_for_s/390 9.0.0
- Suse linux_personal 10.0.0 OSS
- Suse linux_personal 9.0.0
- Suse linux_personal 9.0.0 X86 64
- Suse linux_personal 9.1.0
- Suse linux_personal 9.1.0 X86 64
- Suse linux_personal 9.2.0
- Suse linux_personal 9.2.0 X86 64
- Suse linux_personal 9.3.0
- Suse linux_personal 9.3.0 X86 64
- Suse linux_professional 10.0.0
- Suse linux_professional 10.0.0 OSS
- Suse linux_professional 9.0.0
- Suse linux_professional 9.0.0 X86 64
- Suse linux_professional 9.1.0
- Suse linux_professional 9.1.0 X86 64
- Suse linux_professional 9.2.0
- Suse linux_professional 9.2.0 X86 64
- Suse linux_professional 9.3.0
- Suse linux_professional 9.3.0 X86 64
- Suse novell_linux_desktop 9.0.0
- Suse suse_linux_enterprise_server 8
- Suse suse_linux_enterprise_server 9
- Turbolinux home
- Turbolinux multimedia
- Turbolinux personal
- Turbolinux turbolinux 10 F...
- Turbolinux turbolinux_desktop 10.0.0
- Turbolinux turbolinux_server 10.0.0
- Ubuntu ubuntu_linux 4.1.0 Ia32
- Ubuntu ubuntu_linux 4.1.0 Ia64
- Ubuntu ubuntu_linux 4.1.0 Ppc
- Ubuntu ubuntu_linux 5.0.0 4 Amd64
- Ubuntu ubuntu_linux 5.0.0 4 I386
- Ubuntu ubuntu_linux 5.0.0 4 Powerpc
References
- BugTraq: 14916
- CVE: CVE-2005-2701