HTTP: Overlarge BMP Width Parameter
This signature detects large bitmap (BMP) files that contain a large width parameter. Attackers can post a BMP file that, when viewed in Mozilla or FireFox Web browser, crashes the browser's system. In some extreme cases, attackers can run arbitrary code on the browser's system. Note: A very wide non-malicious BMP can also trigger this signature.
Extended Description
Mozilla Browser is reportedly prone to multiple integer overflow vulnerabilities in the image parsing routines. These issues exist due to insufficient boundary checks performed by the application. A remote attacker may cause denial of service conditions in the client or execute arbitrary code to gain unauthorized access to a vulnerable computer. These vulnerabilities were researched on Mozilla 1.7, however, other versions may be affected as well. Thunderbird 0.7 was also tested.
Affected Products
Conectiva linux
References
BugTraq: 11171
CVE: CVE-2004-0904
URL: http://www.kb.cert.org/vuls/id/847200 http://bugzilla.mozilla.org/show_bug.cgi?id=255067
Short Name
HTTP:STC:IMG:BMP-WIDTH-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
BMP CVE-2004-0904 Overlarge Parameter Width bid:11171
Release Date
10/06/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Red_hat
Mozilla
Conectiva
Netscape
CVSS Score
10.0