Mozilla Firefox Unspecified GIF Handling Denial of Service Vulnerability
BID:22899
Info
Mozilla Firefox Unspecified GIF Handling Denial of Service Vulnerability
| Bugtraq ID: | 22899 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 09 2007 12:00AM |
| Updated: | Mar 12 2007 06:54PM |
| Credit: | Tõnu Samuel is credited with discovering this vulnerability. |
| Vulnerable: |
Mozilla Firefox 2.0.0.2 GIMP GIMP 2.2.12 |
| Not Vulnerable: | |
Discussion
Mozilla Firefox Unspecified GIF Handling Denial of Service Vulnerability
Firefox is prone to a remote denial-of-service vulnerability.
An attacker may exploit this vulnerability to cause the application to crash, resulting in denial-of-service conditions.
Little is known regarding this vulnerability; this BID will be updated when more information is disclosed.
Firefox 2.0.0.2 is prone to this issue; other versions may also be affected.
GIMP version 2.2.12 is also reported vulnerable; a segmentation fault occurs when the application processes a malicious GIF image.
Firefox is prone to a remote denial-of-service vulnerability.
An attacker may exploit this vulnerability to cause the application to crash, resulting in denial-of-service conditions.
Little is known regarding this vulnerability; this BID will be updated when more information is disclosed.
Firefox 2.0.0.2 is prone to this issue; other versions may also be affected.
GIMP version 2.2.12 is also reported vulnerable; a segmentation fault occurs when the application processes a malicious GIF image.
Exploit / POC
Mozilla Firefox Unspecified GIF Handling Denial of Service Vulnerability
A sample exploit has been provided in a zip file:
A sample exploit has been provided in a zip file:
Solution / Fix
Mozilla Firefox Unspecified GIF Handling Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Mozilla Firefox Unspecified GIF Handling Denial of Service Vulnerability
References:
References:
- GIMP Homepage (GIMP)
- Mozilla Homepage (Mozilla Foundation)