CVE-2002-1308

Published: Nov 29, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.

Affected (12)

Products: Mozilla: Mozilla · Netscape: Navigator

1 product

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Mozilla Mozilla	Version 0.9.6
Mozilla Mozilla	Version 0.9.7
Mozilla Mozilla	Version 0.9.8
Mozilla Mozilla	Version 0.9.9
Mozilla Mozilla	Version 1.0.1
Mozilla Mozilla	Version 1.0
Mozilla Mozilla	Version 1.1
Netscape Navigator	Version 6.2.1
Netscape Navigator	Version 6.2.2
Netscape Navigator	Version 6.2.3
Netscape Navigator	Version 6.2
Netscape Navigator	Version 7.0

References (12)

http://bugzilla.mozilla.org/show_bug.cgi?id=157646

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=103730181813075&w=2

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-162.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-163.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/6185

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/10636

Source: cve@mitre.org

http://bugzilla.mozilla.org/show_bug.cgi?id=157646

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=103730181813075&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-162.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-163.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/6185

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/10636

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.