Netscape Composer Font Face Field Remote Buffer Overflow Vulnerability

Vulnerability ID 1106794 Vulnerability type Boundary condition error
Published 2002-06-13 Updated 2005-10-20
CVE ID CVE-2002-1766
CNNVD-ID CNNVD-200212-653
Platform Multiple CVSS score 4.6
|Vulnerability source
https://www.exploit-db.com/exploits/21544
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-653
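|Vulnerability details
Netscape is a web browser developed by Netscape Communications that runs on a variety of operating systems; this vulnerability affects only the versions for the Linux platform. The editor (Composer) in Netscape has a flaw in its handling of overly long font face fields, which a remote attacker may exploit to carry out a buffer overflow attack. The editor does not correctly check the bounds of the font face field. An attacker can build a web page containing a font face field longer than 191 bytes; when the Netscape editor edits this HTML page, a buffer overflow occurs, and carefully constructed font face data may allow the attacker to execute arbitrary instructions on the user's system with the privileges of the Netscape process.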
|Exploit
source: http://www.securityfocus.com/bid/5010/info

Netscape is a freely available web browser distributed by Netscape Communications, and available for various platforms. This vulnerability is known to affect those installations on the Linux platform.

A buffer overflow has been reported in the Composer function of Netscape. When an HTML page with a Font Face field of arbitrary length is edited using Netscape Composer, a memory corruption bug may occur that could allow the overwriting of process memory and the execution of attacker-supplied code.

<html>
<body>

<font face="X">Hola!</font>

</body>
</html>

where X is indicative of 191 or more characters.
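
A defensive check for the condition described above, as an added example that is not part of the original advisory: it parses HTML and reports every font element whose face value is 191 bytes or longer once encoded. The names FontFaceAuditor and audit_html, the UTF-8 encoding assumption and the sample markup are constructed for illustration.

```python
from html.parser import HTMLParser

# Threshold taken from the advisory text: a face value of 191 or more.
FACE_LIMIT = 191


class FontFaceAuditor(HTMLParser):
    """Records <font face="..."> values whose encoded size reaches the limit."""

    def __init__(self, limit=FACE_LIMIT, encoding="utf-8"):
        super().__init__(convert_charrefs=True)
        self.limit = limit
        self.encoding = encoding  # assumption: size is measured in UTF-8 bytes
        self.findings = []        # (line, column, byte_length)

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <FONT FACE=...>
        # is matched too; self-closing tags are routed here by default.
        if tag != "font":
            return
        for name, value in attrs:
            if name == "face" and value is not None:
                size = len(value.encode(self.encoding, errors="replace"))
                if size >= self.limit:
                    line, col = self.getpos()
                    self.findings.append((line, col, size))


def audit_html(text, limit=FACE_LIMIT):
    """Return a list of (line, column, byte_length) for oversized face values."""
    auditor = FontFaceAuditor(limit=limit)
    auditor.feed(text)
    auditor.close()
    return auditor.findings


# Constructed sample input: short, just under the limit, at the limit
# (upper-case markup), and a multibyte value that is 100 characters
# but 200 bytes in UTF-8.
SAMPLE = (
    "<html>\n<body>\n"
    '<font face="Helvetica">ok</font>\n'
    '<font face="' + "A" * 190 + '">just under</font>\n'
    '<FONT FACE="' + "A" * 191 + '">at limit</FONT>\n'
    "<font face='" + "\u00e9" * 100 + "'>multibyte</font>\n"
    "</body>\n</html>\n"
)

if __name__ == "__main__":
    for line, col, size in audit_html(SAMPLE):
        print(f"line {line}, col {col}: font face value is {size} bytes")
```

Measuring bytes rather than characters matters here because a value well under 191 characters can still exceed 191 bytes after encoding.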
|References

Source: XF
Name: netscape-composer-font-bo(9355)
Link: http://xforce.iss.net/xforce/xfdb/9355
Source: BID
Name: 5010
Link: http://www.securityfocus.com/bid/5010
Source: NSFOCUS
Name: 2982
Link: http://www.nsfocus.net/vulndb/2982
