CVE-2004-0757

2004-08-1804:00:00

mitre

web.nvd.nist.gov

cve-2004-0757

buffer overflow

senduidl

pop3

mozilla

firefox

thunderbird

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.017

Percentile

87.7%

JSON

Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.

Affected configurations

Nvd

Node

mozillafirefoxRange≤0.9

mozillamozillaRange≤1.7

mozillathunderbirdRange≤0.7

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillamozilla*cpe:2.3:a:mozilla:mozilla:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	mozilla	*	cpe:2.3:a:mozilla:mozilla::::::::
mozilla	thunderbird	*	cpe:2.3:a:mozilla:thunderbird::::::::