CVE-2006-2781 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-2781
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2781

Description: Double-free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26850 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-297-3 http://www.ubuntulinux.org/support/documentation/usn/usn-323-1 http://www.ubuntulinux.org/support/documentation/usn/usn-297-1 SUSE http://www.novell.com/linux/security/advisories/2006_35_mozilla.html ST 1016214 SAID Secunia Advisory: SA21607 Secunia Advisory: SA21324 Secunia Advisory: SA21336 Secunia Advisory: SA21269 Secunia Advisory: SA21210 Secunia Advisory: SA21178 Secunia Advisory: SA21183 Secunia Advisory: SA21134 Secunia Advisory: SA20394 Secunia Advisory: SA20709 Secunia Advisory: SA20382 Secunia Advisory: SA21631 Secunia Advisory: SA22065 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0594.html http://www.redhat.com/support/errata/RHSA-2006-0611.html http://rhn.redhat.com/errata/RHSA-2006-0609.html http://www.redhat.com/support/errata/RHSA-2006-0578.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:146 HP http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded GENTOO http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml DEBIAN http://www.debian.org/security/2006/dsa-1118 http://www.debian.org/security/2006/dsa-1134 CONFIRM http://www.mozilla.org/security/announce/2006/mfsa2006-40.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/435795/100/0/threaded BID 18228

Return to the previous page.