Mozilla Foundation Security Advisory 2006-74

2006-12-20T00:00:00
ID SECURITYVULNS:DOC:15433
Type securityvulns
Reporter Securityvulns
Modified 2006-12-20T00:00:00

Description

Mozilla Foundation Security Advisory 2006-74

Title: Mail header processing heap overflows
Impact: Critical
Announced: December 19, 2006
Reporter: Georgi Guninski, David Bienvenu
Products: Thunderbird, SeaMonkey

Fixed in:
Thunderbird 1.5.0.9
SeaMonkey 1.0.7

Description

Georgi Guninski reported that long Content-Type headers in external message bodies could cause a heap buffer overflow when processing mail headers. While working on that code David Bienvenu discovered a similar overflow could occur when processing long rfc2047-encoded headers.

Either overflow could be exploited to execute arbitrary code.

Workaround

None, upgrade to a fixed version immediately.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=362213
https://bugzilla.mozilla.org/show_bug.cgi?id=362512
CVE-2006-6505
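
A triage check for stored or in-transit mail covering the two header conditions described above, as an added example that is not part of the advisory or of Mozilla's code. The function names, the sample message and the 998-character threshold are assumptions made here; the 75-character encoded-word limit comes from RFC 2047.

```python
import email
import re

MAX_ENCODED_WORD = 75  # RFC 2047 section 2: an encoded-word is at most 75 characters
MAX_HEADER_LEN = 998   # assumed triage threshold, borrowed from the RFC 5322 line limit
ENCODED_WORD = re.compile(r"=\?[^?\s]+\?[bBqQ]\?[^?\s]*\?=")


def audit_message(raw: bytes) -> list:
    """Return (finding, header name, length) tuples for one raw message."""
    msg = email.message_from_bytes(raw)
    findings = []
    for part in msg.walk():
        # RFC 2047 encoded-words in any header of any MIME part.
        for name, value in part.items():
            for word in ENCODED_WORD.findall(str(value)):
                if len(word) > MAX_ENCODED_WORD:
                    findings.append(("long-encoded-word", name, len(word)))
        # A message/external-body part carries the external entity's headers
        # in its body; the parser exposes them as a nested message.
        if part.get_content_type() == "message/external-body" and part.is_multipart():
            for inner in part.get_payload():
                for value in inner.get_all("Content-Type", []):
                    if len(str(value)) > MAX_HEADER_LEN:
                        findings.append(
                            ("long-external-body-content-type", "Content-Type", len(str(value))))
    return findings


def build_sample() -> bytes:
    """Constructed test message (not from the advisory) that trips both checks."""
    return "\n".join([
        "From: sender@example.test",
        "Subject: =?UTF-8?B?" + "QUFB" * 30 + "?=",
        "MIME-Version: 1.0",
        'Content-Type: message/external-body; access-type=URL; URL="http://example.test/x"',
        "",
        'Content-Type: application/octet-stream; name="' + "A" * 2000 + '"',
        "Content-ID: <part1@example.test>",
        "",
        "",
    ]).encode("ascii")


if __name__ == "__main__":
    for finding in audit_message(build_sample()):
        print(finding)
```

A finding marks a message for inspection only; it does not replace upgrading to the fixed versions listed above.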