Mozilla Foundation Security Advisory 2005-30

GIF heap overflow parsing Netscape extension 2

Announced
March 22, 2005
Reporter
Mark Dowd (ISS X-Force)
Risk
High
Impact
Critical
Products
Firefox, Mozilla Suite, Thunderbird
Fixed in
  • Firefox 1.0.2
  • Mozilla Suite 1.7.6
  • Thunderbird 1.0.2

Description

A GIF processing error when parsing the obsolete Netscape extension 2 can lead to an exploitable heap overrun, allowing an attacker to run arbitrary code on the user's machine.
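As an added example (not part of the original advisory and not Mozilla's code), the following Python scanner walks a GIF's block structure and reports any NETSCAPE2.0 application-extension sub-block with ID 2, so files carrying the obsolete extension can be flagged before they reach an unpatched client. It assumes the commonly documented layout (application extension label 0xFF, identifier `NETSCAPE2.0`, first data byte of each following sub-block as its ID); the function names and sample bytes are constructed for illustration.

```python
def sub_blocks(data, pos):
    """Walk a length-prefixed sub-block chain; return ([(offset, body)], next_pos)."""
    blocks = []
    while True:
        size = data[pos]                      # IndexError here means truncation
        if size == 0:                         # zero-length block ends the chain
            return blocks, pos + 1
        if pos + 1 + size > len(data):
            raise ValueError("sub-block runs past end of file")
        blocks.append((pos, data[pos + 1:pos + 1 + size]))
        pos += 1 + size

def find_netscape_ext2(data):
    """Return file offsets of NETSCAPE2.0 sub-blocks whose ID is 2."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    pos = 13
    if data[10] & 0x80:                       # skip global colour table
        pos += 3 * (2 << (data[10] & 7))
    hits = []
    try:
        while data[pos] != 0x3B:              # 0x3B = trailer
            kind = data[pos]
            if kind == 0x2C:                  # image descriptor + pixel data
                flags = data[pos + 9]
                pos += 10
                if flags & 0x80:              # skip local colour table
                    pos += 3 * (2 << (flags & 7))
                _, pos = sub_blocks(data, pos + 1)   # +1 skips LZW code size
            elif kind == 0x21:                # extension introducer
                label = data[pos + 1]
                blocks, pos = sub_blocks(data, pos + 2)
                if label == 0xFF and blocks and blocks[0][1] == b"NETSCAPE2.0":
                    # Assumption: ID is the first data byte; low 3 bits masked
                    # so that variant encodings of ID 2 are flagged as well.
                    hits += [o for o, b in blocks[1:] if (b[0] & 7) == 2]
            else:
                raise ValueError(f"unexpected block 0x{kind:02x} at offset {pos}")
    except IndexError:
        raise ValueError("truncated GIF") from None
    return hits

# Constructed samples: 1x1 GIF skeletons, not taken from the advisory.
HEADER = b"GIF89a" + bytes([1, 0, 1, 0, 0, 0, 0])
IMAGE = b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00" + b"\x02\x02\x4c\x01\x00" + b"\x3b"
APP = b"\x21\xff\x0bNETSCAPE2.0"
LOOP_ONLY = HEADER + APP + b"\x03\x01\x00\x00" + b"\x00" + IMAGE
WITH_EXT2 = HEADER + APP + b"\x05\x02\x00\x01\x00\x00" + b"\x00" + IMAGE
```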

Workaround

Turn off image display. Upgrade to the fixed version.

Important Note: The image blocking used in Mozilla Thunderbird and the mail client in the Mozilla Suite only blocks images loaded from remote servers. It will still display "in-line" images and is insufficient to protect against a potential attack. Instead, on the View menu choose "Message Body As" and set it to "Plain Text".

We, of course, recommend upgrading to the fixed version.

References