CVE-2004-0904 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-0904 Interim 1 3 2021-06-09T08:31:47Z current 2021-05-30T12:30:41Z 2021-06-09T08:31:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-0904 Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. CVE-2004-0904 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C