search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Mozilla contains a buffer overflow in the SendUidl() function

Vulnerability Note VU#561022

Original Release Date: 2004-08-20 | Last Revised: 2004-08-20


A vulnerability in the way Mozilla handles certain types of POP3 responses could allow a remote attacker to execute arbitrary code on an affected system.


Post Office Protocol Version 3 (POP3) is a mail protocol that provides a means for retrieving email from a remote server. This protocol is supported by Mozilla, Firefox, and Thunderbird. These clients contain a vulnerability that allows malformed POP3 responses to trigger a buffer overflow condition in the SendUidl() function. Such responses can be sent by a remote POP3 server and could result in arbitrary code execution.


By sending a specially crafted POP3 response to an affected client, a remote attacker could cause the client to crash or potentially execute arbitrary code. Exploitation of this vulnerability would require a user to connect to a malicious POP3 server.



Upgrade as specified by your vendor. This issue has been resolved in Mozilla 1.7, Firefox 0.9, and Thunderbird 0.7.2.

Vendor Information


Mozilla Affected

Updated:  August 20, 2004



Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group Score Vector



This vulnerability was reported by Zen Parse.

This document was written by Damon Morda.

Other Information

CVE IDs: CVE-2004-0757
Severity Metric: 2.70
Date Public: 2004-05-29
Date First Published: 2004-08-20
Date Last Updated: 2004-08-20 15:13 UTC
Document Revision: 17

Sponsored by CISA.