15 matches found
SUSE CVE-2008-0304
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview...
Slackware: Security Advisory (SSA:2008-061-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)
Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2008:062 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Ubuntu: Security Advisory (USN-582-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for mozilla-thunderbird USN-582-2
Ubuntu Update for Linux kernel vulnerabilities USN-582-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN5822.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mozilla-thunderbird USN-582-2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
RedHat Update for thunderbird RHSA-2008:0105-02
Check for the Version of thunderbird OpenVAS Vulnerability Test RedHat Update for thunderbird RHSA-2008:0105-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
Debian DSA-1621-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1621-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 27, 2008 http://www.debian.org/security/faq -...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-582-1)
It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. CVE-2008-0304...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Here are the details from the Slackware 12.0 ChangeLog: patches/packages/mozilla-thunderbird-2.0.0.12-i686-1.tgz: Upgraded to thunderbird-2.0.0.12. This update fixes the following...
CVE-2008-0304
CVE-2008-0304 is a heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8, allowing remote code execution via a crafted external-body MIME type in an email. The root cause is an incorrect memory allocation during message preview, enabling an attacker to run a...
USN-582-1: Thunderbird vulnerabilities
It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. CVE-2008-0304...
Mozilla Thunderbird MIME外部主体堆溢出漏洞
CVECAN ID: CVE-2008-0304 Thunderbird是Mozilla发布的邮件客户端,支持IMAP、POP邮件协议以及HTML邮件格式。 Thunderbird在处理畸形格式的邮件数据时存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 Thunderbird没有正确地解析邮件中的external-body MIME类型,在计算所要分配堆缓冲区的字节数时没有为所要拷贝的数据保留足够的空间。如果用户受骗打开了恶意邮件消息的话,就可能最多覆盖3字节的缓冲区,导致执行任意指令。 Mozilla Thunderbird 2.0.0.9 临时解决方法:...
iDefense Security Advisory 02.26.08: Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability
iDefense Security Advisory 02.26.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 26, 2008 I. BACKGROUND Mozilla Thunderbird is an open source electronic mail client and news reader. Multipurpose Internet Message Extensions MIME is a standard that defines how non-text attachments and...
RHEL 4 / 5 : thunderbird (RHSA-2008:0105)
Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 27th February 2008 The erratum text has been updated to include the...