Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the Send page functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mozilla | Mozilla | 1.7 (including) | 1.7 (including) |
Mozilla | Mozilla | 1.7.1 (including) | 1.7.1 (including) |
Mozilla | Mozilla | 1.7.2 (including) | 1.7.2 (including) |
Thunderbird | Mozilla | 0.7 (including) | 0.7 (including) |
Thunderbird | Mozilla | 0.7.1 (including) | 0.7.1 (including) |
Thunderbird | Mozilla | 0.7.2 (including) | 0.7.2 (including) |
Thunderbird | Mozilla | 0.7.3 (including) | 0.7.3 (including) |
Linux | Conectiva | 9.0 (including) | 9.0 (including) |
Linux | Conectiva | 10.0 (including) | 10.0 (including) |
Red Hat Enterprise Linux 2.1 | RedHat | galeon | * |
Red Hat Enterprise Linux 2.1 | RedHat | mozilla | * |
Red Hat Enterprise Linux 3 | RedHat | mozilla | * |