CVE-2004-0757

high

Description

Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://bugzilla.mozilla.org/show_bug.cgi?id=229374

http://marc.info/?l=bugtraq&m=109900315219363&w=2

http://secunia.com/advisories/10856

http://www.kb.cert.org/vuls/id/561022

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7

http://www.novell.com/linux/security/advisories/2004_36_mozilla.html

http://www.redhat.com/support/errata/RHSA-2004-421.html

http://www.securityfocus.com/bid/15495

https://exchange.xforce.ibmcloud.com/vulnerabilities/16869

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11042

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3250

Details

Source: MITRE

Published: 2004-08-18

Updated: 2017-10-11

Type: NVD-CWE-Other

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH