Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugzilla.mozilla.org/show_bug.cgi?id=257314 - Vendor Advisory | |
References | () http://marc.info/?l=bugtraq&m=109698896104418&w=2 - | |
References | () http://marc.info/?l=bugtraq&m=109900315219363&w=2 - | |
References | () http://security.gentoo.org/glsa/glsa-200409-26.xml - | |
References | () http://www.kb.cert.org/vuls/id/414240 - Third Party Advisory, US Government Resource | |
References | () http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 - | |
References | () http://www.novell.com/linux/security/advisories/2004_36_mozilla.html - | |
References | () http://www.securityfocus.com/bid/11174 - Vendor Advisory | |
References | () http://www.us-cert.gov/cas/techalerts/TA04-261A.html - US Government Resource | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17380 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873 - |
Information
Published : 2005-01-27 05:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0903
Mitre link : CVE-2004-0903
CVE.ORG link : CVE-2004-0903
JSON object : View
Products Affected
conectiva
- linux
redhat
- linux
- linux_advanced_workstation
- fedora_core
- enterprise_linux
- enterprise_linux_desktop
mozilla
- thunderbird
- mozilla
suse
- suse_linux
CWE