CVE-2006-3804 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-3804
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3804

Description: Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/27985 UBUNTU http://www.ubuntu.com/usn/usn-350-1 http://www.ubuntulinux.org/support/documentation/usn/usn-329-1 SUSE http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1 ST 1016588 1016587 SGI SAID Secunia Advisory: SA21343 Secunia Advisory: SA21262 Secunia Advisory: SA21250 Secunia Advisory: SA21246 Secunia Advisory: SA21269 Secunia Advisory: SA21275 Secunia Advisory: SA21336 Secunia Advisory: SA21358 Secunia Advisory: SA21229 Secunia Advisory: SA21228 Secunia Advisory: SA21529 Secunia Advisory: SA21532 Secunia Advisory: SA21607 Secunia Advisory: SA21631 Secunia Advisory: SA22055 Secunia Advisory: SA22065 REDHAT http://rhn.redhat.com/errata/RHSA-2006-0609.html http://www.redhat.com/support/errata/RHSA-2006-0594.html http://www.redhat.com/support/errata/RHSA-2006-0611.html http://www.redhat.com/support/errata/RHSA-2006-0608.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:146 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:145 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:143 HP http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded GENTOO http://security.gentoo.org/glsa/glsa-200608-04.xml http://security.gentoo.org/glsa/glsa-200608-02.xml CONFIRM http://www.mozilla.org/security/announce/2006/mfsa2006-49.html CERT-VN 897540 CERT http://www.us-cert.gov/cas/techalerts/TA06-208A.html BID 19181

Return to the previous page.