[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195521

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-1282Date: (C)2007-03-05   (M)2023-12-22


Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
20070202-01-P
BID-22845
SECUNIA-24406
SECUNIA-24456
SECUNIA-24457
SECUNIA-24522
SECUNIA-25588
OSVDB-33810
ADV-2007-0824
DSA-1336
FEDORA-2007-308
FEDORA-2007-309
GLSA-200703-18
RHSA-2007:0078
RHSA-2007:0108
SSA:2007-066-04
SSA:2007-066-05
http://www.mozilla.org/security/announce/2007/mfsa2007-10.html
https://bugzilla.mozilla.org/show_bug.cgi?id=362735
mozilla-email-messages-overflow(32810)
oval:org.mitre.oval:def:11313

CPE    39
cpe:/a:mozilla:thunderbird:1.0.3
cpe:/a:mozilla:thunderbird:1.0.2
cpe:/a:mozilla:thunderbird:1.0.1
cpe:/a:mozilla:thunderbird:1.0.7
...

© SecPod Technologies