Mozilla mail products contain a heap buffer overflow vulnerability in the way they process Content-Type headers. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Mozilla Thunderbird and SeaMonkey contain a buffer overflow vulnerability. Both applications fail to properly process long Content-Type headers in external message bodies.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system
This vulnerability was reported in Mozilla Foundation Security Advisory 2006-74. Mozilla credits Georgi Guninski.
This document was written by Katie Steiner.
|Date First Published:||2006-12-20|
|Date Last Updated:||2007-01-31 21:54 UTC|