Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Seamonkey | Mozilla | * | 1.0.6 (including) |
Thunderbird | Mozilla | * | 1.5.0.8 (including) |