CVE-2006-3804

Published: 27/07/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Heap-based buffer overflow in Mozilla Thunderbird prior to 1.5.0.5 and SeaMonkey prior to 1.0.3 allows remote malicious users to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.

Vulnerable Product

mozilla thunderbird 1.5.0.2

mozilla thunderbird 1.5.0.4

mozilla seamonkey 1.0

mozilla thunderbird 1.5

mozilla seamonkey 1.0.1

mozilla seamonkey 1.0.2

Vendor Advisories

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006 ...

This update upgrades Thunderbird from 1.0.8 to 1.5.0.7. This step was necessary since the 1.0.x series is not supported by upstream any more ...

Mozilla Foundation Security Advisory 2006-49: Heap buffer overwrite on malformed VCard. Announced: July 25, 2006. Reporter: Daniel Veditz (Mozilla). Impact: Critical. Products: SeaMonkey, Thunderbird. Fixed in ...

References

NVD-CWE-Other
http://www.mozilla.org/security/announce/2006/mfsa2006-49.html
http://www.kb.cert.org/vuls/id/897540
http://www.securityfocus.com/bid/19181
http://securitytracker.com/id?1016587
http://securitytracker.com/id?1016588
http://secunia.com/advisories/21228
http://secunia.com/advisories/21229
http://www.redhat.com/support/errata/RHSA-2006-0608.html
http://www.us-cert.gov/cas/techalerts/TA06-208A.html
http://secunia.com/advisories/21246
http://www.redhat.com/support/errata/RHSA-2006-0611.html
http://secunia.com/advisories/21269
http://secunia.com/advisories/21275
http://security.gentoo.org/glsa/glsa-200608-02.xml
http://security.gentoo.org/glsa/glsa-200608-04.xml
http://rhn.redhat.com/errata/RHSA-2006-0609.html
http://secunia.com/advisories/21336
http://secunia.com/advisories/21358
https://issues.rpath.com/browse/RPL-537
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://secunia.com/advisories/21250
http://secunia.com/advisories/21262
http://secunia.com/advisories/21343
http://www.novell.com/linux/security/advisories/2006_48_seamonkey.html
http://secunia.com/advisories/21529
http://secunia.com/advisories/21532
http://secunia.com/advisories/21607
http://www.redhat.com/support/errata/RHSA-2006-0594.html
http://secunia.com/advisories/21631
http://www.ubuntu.com/usn/usn-350-1
http://secunia.com/advisories/22055
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
http://www.mandriva.com/security/advisories?name=MDKSA-2006:146
http://secunia.com/advisories/22065
http://www.vupen.com/english/advisories/2006/3749
http://www.vupen.com/english/advisories/2006/2998
http://www.vupen.com/english/advisories/2007/0058
https://exchange.xforce.ibmcloud.com/vulnerabilities/27985
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11395
https://usn.ubuntu.com/329-1/
http://www.securityfocus.com/archive/1/446657/100/200/threaded
https://nvd.nist.gov
https://www.kb.cert.org/vuls/id/897540