TITLE: Mozilla Thunderbird GIF Image Processing Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA14685 VERIFY ADVISORY: http://secunia.com/advisories/14685/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Mozilla Thunderbird 1.x http://secunia.com/product/4652/ Mozilla Thunderbird 0.x http://secunia.com/product/2637/ DESCRIPTION: A vulnerability in Thunderbird, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the GIF image processing of Netscape extension 2 blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted image. Successful exploitation may allow execution of arbitrary code. The vulnerability has been reported in versions prior to 1.0.2. SOLUTION: Update to version 1.0.2. http://www.mozilla.org/products/thunderbird/ ORIGINAL ADVISORY: Mozilla: http://www.mozilla.org/security/announce/mfsa2005-30.html ISS: http://xforce.iss.net/xforce/alerts/id/191 ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
