CVE-2004-0902 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-0902
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0902

Description: Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/17378 http://xforce.iss.net/xforce/xfdb/17379 SUSE http://www.novell.com/linux/security/advisories/2004_36_mozilla.html HP http://marc.theaimsgroup.com/?l=bugtraq&m=109698896104418&w=2 GENTOO http://security.gentoo.org/glsa/glsa-200409-26.xml FEDORA http://marc.theaimsgroup.com/?l=bugtraq&m=109900315219363&w=2 CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=256316 http://bugzilla.mozilla.org/show_bug.cgi?id=245066 http://bugzilla.mozilla.org/show_bug.cgi?id=226669 http://bugzilla.mozilla.org/show_bug.cgi?id=258005 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 CERT-VN 125776 808216 327560 CERT http://www.us-cert.gov/cas/techalerts/TA04-261A.html

Return to the previous page.