Intelligence Center » Browse All Vulnerabilities » CVE-2006-3804
Overview |
|
| Vulnerability Score |  5.0 |
| CVE Id | CVE-2006-3804 |
| Last Modified | 07 Mar 2011 09:39:30 |
| Published | 27 Jul 2006 03:04:00 |
| Confidentiality Impact |  NONE |
| Integrity Impact | NONE |
| Availability Impact | PARTIAL |
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-2006-3804
Summary
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.
Vulnerable Systems
Application
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
Mozilla Thunderbird 1.5
Mozilla Thunderbird 1.5.0.2
Mozilla Thunderbird 1.5.0.4
References
CERT - TA06-208A
CERT-VN - VU#897540
BID - 19181
SECUNIA - 21229
SECUNIA - 21228
CONFIRM - https://issues.rpath.com/browse/RPL-537
XF - mozilla-vcard-base64-bo(27985)
VUPEN - ADV-2007-0058
VUPEN - ADV-2006-3749
VUPEN - ADV-2006-2998
UBUNTU - USN-329-1
HP - HPSBUX02156
REDHAT - RHSA-2006:0611
REDHAT - RHSA-2006:0608
SUSE - SUSE-SA:2006:048
CONFIRM - http://www.mozilla.org/security/announce/2006/mfsa2006-49.html
SECTRACK - 1016588
SECTRACK - 1016587
GENTOO - GLSA-200608-04
GENTOO - GLSA-200608-02
SECUNIA - 21607
SECUNIA - 21532
SECUNIA - 21529
SECUNIA - 21358
SECUNIA - 21343
SECUNIA - 21336
SECUNIA - 21275
SECUNIA - 21269
SECUNIA - 21262
SECUNIA - 21250
SECUNIA - 21246
REDHAT - RHSA-2006:0609
SGI - 20060703-01-P
UBUNTU - USN-350-1
REDHAT - RHSA-2006:0594
MANDRIVA - MDKSA-2006:146
MANDRIVA - MDKSA-2006:145
MANDRIVA - MDKSA-2006:143
SUNALERT - 102763
SECUNIA - 22065
SECUNIA - 22055
SECUNIA - 21631
HP - SSRT061236
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:44:53
