Arbitrary Code Execution via Integer Overflow in BMP Decoder

Arbitrary Code Execution via Integer Overflow in BMP Decoder

CVE-2004-0904 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.