CVE-2004-0903 Information
Description
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release Mozilla before 1.7.3 and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
Reference
http://bugzilla.mozilla.org/show_bug.cgi?id=257314 http://marc.info/?l=bugtraq&m=109698896104418&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml http://www.kb.cert.org/vuls/id/414240 http://www.mozilla.org/projects/security/known-vulnerabilities.htmlmozilla1.7.3 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.securityfocus.com/bid/11174 http://www.us-cert.gov/cas/techalerts/TA04-261A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17380 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10873
Share on: