Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
bugzilla.mozilla.org/show_bug.cgi?id=229374
marc.info/?l=bugtraq&m=109900315219363&w=2
secunia.com/advisories/10856
www.kb.cert.org/vuls/id/561022
www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
www.novell.com/linux/security/advisories/2004_36_mozilla.html
www.redhat.com/support/errata/RHSA-2004-421.html
www.securityfocus.com/bid/15495
exchange.xforce.ibmcloud.com/vulnerabilities/16869
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11042
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3250