cbcvebase.
CVE-2005-0399
published 2005-05-02

CVE-2005-0399: Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use…

PriorityP333medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
15.12%
96.3th percentile
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.

Affected

34 ranges· showing 25
VendorProductVersion rangeFixed in
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillamozilla
mozillathunderbird
mozillathunderbird
mozillathunderbird
mozillathunderbird
mozillathunderbird

CVSS provenance

nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
vendor_redhat5.1MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.