• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Browser Zero Width GIF Image Memory Corruption Vulnerability

Solution:
Conectiva has released a security advisory containing fixes. Users are advised to upgrade their Mozilla and Galeon packages as soon as possible.

Netscape has addressed the issue in version 7.0. This issue is also reported to be addressed in Mozilla 1.1.


Mozilla Browser 0.9.5

• Mozilla Mozilla 1.1
  http://www.mozilla.org/releases/

Mozilla Browser 0.9.6

• Mozilla Mozilla 1.1
  http://www.mozilla.org/releases/

Mozilla Browser 0.9.7

• Mozilla Mozilla 1.1
  http://www.mozilla.org/releases/

Mozilla Browser 0.9.8

• Mozilla Mozilla 1.1
  http://www.mozilla.org/releases/

Mozilla Browser 0.9.9

• Mozilla Mozilla 1.1
  http://www.mozilla.org/releases/


• RedHat galeon-1.2.6-0.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/galeon-1.2.6-0.7.2.i386.rpm


• RedHat galeon-1.2.6-0.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/galeon-1.2.6-0.7.3.i386.rpm


• RedHat gdk-pixbuf-0.14.0-0.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/gdk-pixbuf-0.14.0-0.7.2.i386.r pm


• RedHat gdk-pixbuf-0.14.0-0.7.2.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/gdk-pixbuf-0.14.0-0.7.2.ia64.r pm


• RedHat gdk-pixbuf-devel-0.14.0-0.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/gdk-pixbuf-devel-0.14.0-0.7.2. i386.rpm


• RedHat gdk-pixbuf-devel-0.14.0-0.7.2.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/gdk-pixbuf-devel-0.14.0-0.7.2. ia64.rpm


• RedHat gdk-pixbuf-gnome-0.14.0-0.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/gdk-pixbuf-gnome-0.14.0-0.7.2. i386.rpm


• RedHat gdk-pixbuf-gnome-0.14.0-0.7.2.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/gdk-pixbuf-gnome-0.14.0-0.7.2. ia64.rpm


• RedHat mozilla-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-1.0.1-2.7.2.i386.rpm


• RedHat mozilla-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-1.0.1-2.7.3.i386.rpm


• RedHat mozilla-chat-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-chat-1.0.1-2.7.2.i386. rpm


• RedHat mozilla-chat-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-chat-1.0.1-2.7.3.i386. rpm


• RedHat mozilla-devel-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-devel-1.0.1-2.7.2.i386 .rpm


• RedHat mozilla-devel-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-devel-1.0.1-2.7.3.i386 .rpm


• RedHat mozilla-dom-inspector-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-dom-inspector-1.0.1-2. 7.2.i386.rpm


• RedHat mozilla-dom-inspector-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-dom-inspector-1.0.1-2. 7.3.i386.rpm


• RedHat mozilla-js-debugger-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-js-debugger-1.0.1-2.7. 2.i386.rpm


• RedHat mozilla-js-debugger-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-js-debugger-1.0.1-2.7. 3.i386.rpm


• RedHat mozilla-mail-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-mail-1.0.1-2.7.2.i386. rpm


• RedHat mozilla-mail-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-mail-1.0.1-2.7.3.i386. rpm


• RedHat mozilla-nspr-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-nspr-1.0.1-2.7.2.i386. rpm


• RedHat mozilla-nspr-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-nspr-1.0.1-2.7.3.i386. rpm


• RedHat mozilla-nspr-devel-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-nspr-devel-1.0.1-2.7.2 .i386.rpm


• RedHat mozilla-nspr-devel-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-nspr-devel-1.0.1-2.7.3 .i386.rpm


• RedHat mozilla-nss-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-nss-1.0.1-2.7.2.i386.r pm


• RedHat mozilla-nss-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-nss-1.0.1-2.7.3.i386.r pm


• RedHat mozilla-nss-devel-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-nss-devel-1.0.1-2.7.2. i386.rpm


• RedHat mozilla-nss-devel-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-nss-devel-1.0.1-2.7.3. i386.rpm


• RedHat mozilla-psm-1.0.1-2.7.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mozilla-psm-1.0.1-2.7.2.i386.r pm


• RedHat mozilla-psm-1.0.1-2.7.3.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mozilla-psm-1.0.1-2.7.3.i386.r pm


• RedHat nautilus-1.0.4-48.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/nautilus-1.0.4-48.i386.rpm


• RedHat nautilus-1.0.4-48.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/nautilus-1.0.4-48.ia64.rpm


• RedHat nautilus-1.0.6-16.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/nautilus-1.0.6-16.i386.rpm


• RedHat nautilus-devel-1.0.4-48.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/nautilus-devel-1.0.4-48.i386.r pm


• RedHat nautilus-devel-1.0.4-48.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/nautilus-devel-1.0.4-48.ia64.r pm


• RedHat nautilus-devel-1.0.6-16.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/nautilus-devel-1.0.6-16.i386.r pm


• RedHat nautilus-mozilla-1.0.4-48.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/nautilus-mozilla-1.0.4-48.i386 .rpm


• RedHat nautilus-mozilla-1.0.6-16.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/nautilus-mozilla-1.0.6-16.i386 .rpm

Mozilla Browser 1.0

• Conectiva mozilla-1.2.1-1U60_2cl.i386.rpm
  Conectiva 6.0
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/mozilla-1.2.1-1U60_2cl.i3 86.rpm


• Conectiva mozilla-1.2.1-1U70_2cl.i386.rpm
  Conectiva 7.0
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mozilla-1.2.1-1U70_2cl.i3 86.rpm


• Conectiva mozilla-1.2.1-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/mozilla-1.2.1-1U80_5cl.i386 .rpm


• Conectiva mozilla-devel-1.2.1-1U60_2cl.i386.rpm
  Conectiva 6.0
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/mozilla-devel-1.2.1-1U60_ 2cl.i386.rpm


• Conectiva mozilla-devel-1.2.1-1U70_2cl.i386.rpm
  Conectiva 7.0
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mozilla-devel-1.2.1-1U70_ 2cl.i386.rpm


• Conectiva mozilla-devel-1.2.1-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/mozilla-devel-1.2.1-1U80_5c l.i386.rpm


• Conectiva mozilla-irc-1.2.1-1U70_2cl.i386.rpm
  Conectiva 7.0
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mozilla-irc-1.2.1-1U70_2c l.i386.rpm


• Conectiva mozilla-irc-1.2.1-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/mozilla-irc-1.2.1-1U80_5cl. i386.rpm


• Conectiva mozilla-mail-1.2.1-1U70_2cl.i386.rpm
  Conectiva 7.0
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mozilla-mail-1.2.1-1U70_2 cl.i386.rpm


• Conectiva mozilla-mail-1.2.1-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/mozilla-mail-1.2.1-1U80_5cl .i386.rpm


• Conectiva mozilla-psm-1.2.1-1U70_2cl.i386.rpm
  Conectiva 7.0
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mozilla-psm-1.2.1-1U70_2c l.i386.rpm


• Conectiva mozilla-psm-1.2.1-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/mozilla-psm-1.2.1-1U80_5cl. i386.rpm


• Mandrake galeon-1.2.5-2.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake galeon-1.2.5-2.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake galeon-1.2.5-2.1mdk.src.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libjs-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libjs-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnautilus0-1.0.6-15.8mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnautilus0-1.0.6-15.8mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnautilus0-devel-1.0.6-15.8mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnautilus0-devel-1.0.6-15.8mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnspr4-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnspr4-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnspr4-devel-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnspr4-devel-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnss3-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnss3-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnss3-devel-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake libnss3-devel-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-1.0.1-4.1mdk.src.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-devel-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-devel-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-dom-inspector-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-dom-inspector-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-enigmail-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-enigmail-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-enigmime-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-enigmime-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-irc-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-irc-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-js-debugger-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-js-debugger-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-mail-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-mail-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-spellchecker-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-spellchecker-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-xmlterm-1.0.1-4.1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mozilla-xmlterm-1.0.1-4.1mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nautilus-1.0.6-15.8mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nautilus-1.0.6-15.8mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nautilus-1.0.6-15.8mdk.src.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nautilus-mozilla-1.0.6-15.8mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake nautilus-mozilla-1.0.6-15.8mdk.ppc.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mozilla Mozilla 1.1
  http://www.mozilla.org/releases/


• RedHat galeon-1.2.6-0.8.0.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/galeon-1.2.6-0.8.0.i386.rpm


• RedHat mozilla-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-1.0.1-26.i386.rpm


• RedHat mozilla-chat-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-chat-1.0.1-26.i386.rpm


• RedHat mozilla-devel-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-devel-1.0.1-26.i386.rp m


• RedHat mozilla-dom-inspector-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-dom-inspector-1.0.1-26 .i386.rpm


• RedHat mozilla-js-debugger-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-js-debugger-1.0.1-26.i 386.rpm


• RedHat mozilla-mail-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-mail-1.0.1-26.i386.rpm


• RedHat mozilla-nspr-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-nspr-1.0.1-26.i386.rpm


• RedHat mozilla-nspr-devel-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-nspr-devel-1.0.1-26.i3 86.rpm


• RedHat mozilla-nss-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-nss-1.0.1-26.i386.rpm


• RedHat mozilla-nss-devel-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-nss-devel-1.0.1-26.i38 6.rpm


• RedHat mozilla-psm-1.0.1-26.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mozilla-psm-1.0.1-26.i386.rpm

Galeon Galeon Browser 1.2.4

• Conectiva galeon-1.2.7-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/galeon-1.2.7-1U80_5cl.i386. rpm


• Conectiva galeon-devel-1.2.7-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/galeon-devel-1.2.7-1U80_5cl .i386.rpm

Galeon Galeon Browser 1.2.5

• Conectiva galeon-1.2.7-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/galeon-1.2.7-1U80_5cl.i386. rpm


• Conectiva galeon-devel-1.2.7-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/galeon-devel-1.2.7-1U80_5cl .i386.rpm

Galeon Galeon Browser 1.2.6

• Conectiva galeon-1.2.7-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/galeon-1.2.7-1U80_5cl.i386. rpm


• Conectiva galeon-devel-1.2.7-1U80_5cl.i386.rpm
  Conectiva 8.0
  ftp://atualizacoes.conectiva.com.br/8/RPMS/galeon-devel-1.2.7-1U80_5cl .i386.rpm

Netscape Netscape 6.2

• Netscape Netscape 7.0
  http://channels.netscape.com/ns/browsers/download.jsp

Netscape Netscape 6.2.1

• Netscape Netscape 7.0
  http://channels.netscape.com/ns/browsers/download.jsp

Netscape Netscape 6.2.2

• Netscape Netscape 7.0
  http://channels.netscape.com/ns/browsers/download.jsp

Netscape Netscape 6.2.3

• Netscape Netscape 7.0
  http://channels.netscape.com/ns/browsers/download.jsp