CVE-2002-1091
RCETitle: Netscape/Mozilla GIF image with zero width heap corruption DoS
RCE/Denial of Service
Proof Of Concept
No public PoC currently indexed for CVE-2002-1091.
CWE Category
NVD-CWE-noinfo
Published Date
Oct 04, 2002
Modified Date
Apr 03, 2025
Exploit Status
Not Found
Score
7.5
CVSS v2.0
Exploit Probability (EPSS)
6.47%
Vulnerability Summary
CVE-2002-1091: Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
Impacted Vendors
Reference Links
http://bugzilla.mozilla.org/show_bug.cgi?id=157989
http://crash.ihug.co.nz/~Sneuro/zerogif/
http://marc.info/?l=bugtraq&m=103134051120770&w=2
http://www.iss.net/security_center/static/10058.php
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075
http://www.redhat.com/support/errata/RHSA-2002-192.html
http://www.redhat.com/support/errata/RHSA-2003-046.html
http://www.securityfocus.com/bid/5665
http://bugzilla.mozilla.org/show_bug.cgi?id=157989
http://crash.ihug.co.nz/~Sneuro/zerogif/
http://marc.info/?l=bugtraq&m=103134051120770&w=2
http://www.iss.net/security_center/static/10058.php
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075
http://www.redhat.com/support/errata/RHSA-2002-192.html
http://www.redhat.com/support/errata/RHSA-2003-046.html
http://www.securityfocus.com/bid/5665
CVSS v2.0
Source Entity
[email protected]
Severity
HIGH
7.5
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:L/Au:N/C:P/I:P/A:P
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2002-1091 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
N/A
Complexity
N/A
Privileges
N/A
Interaction
NONE
CVSS Vector String
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Stack
No specific products linked.