| Name | CVE-2002-2061 |
| Description | Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| mozilla | source | (unstable) | 2:1.1-1 | low |
fixed in upstream 1.0.1
see http://web.archive.org/web/20090628044831/http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html