Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0304

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0304
Last Modified 07 Mar 2011 10:04:18
Published 29 Feb 2008 02:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0304

Summary

Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.

Vulnerable Systems

Application

  • Mozilla Seamonkey 1.1.7

  • Mozilla Thunderbird 2.0.0.9


References

CERT-VN - VU#661651

BID - 28012

VUPEN - ADV-2008-2091

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-12.html

GENTOO - GLSA-200805-18

DEBIAN - DSA-1697

DEBIAN - DSA-1621

SUNALERT - 239546

SECTRACK - 1019504

SECUNIA - 33433

SECUNIA - 31253

SECUNIA - 31043

SECUNIA - 29133

IDEFENSE - 20080226 Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability

FEDORA - FEDORA-2008-2118

FEDORA - FEDORA-2008-2060

UBUNTU - USN-582-2

UBUNTU - USN-582-1

MANDRIVA - MDVSA-2008:062

SLACKWARE - SSA:2008-061-01

SECUNIA - 30327

SECUNIA - 29211

SECUNIA - 29167

SECUNIA - 29098


Last Updated: 27 May 2016 10:46:46