Vulnerabilities > Mozilla > Thunderbird > 0.7.3

DATE CVE VULNERABILITY TITLE RISK
2005-01-27 CVE-2004-0903 Remote Buffer Overflow vulnerability in Mozilla Browser Vcard Handling
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
network
low complexity
mozilla conectiva redhat suse
critical
10.0
2005-01-27 CVE-2004-0902 Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
network
low complexity
mozilla conectiva redhat suse
critical
10.0
2004-12-31 CVE-2004-0906 Unspecified vulnerability in Mozilla and Thunderbird
The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code.
local
low complexity
mozilla
4.6
2004-12-31 CVE-2004-0904 Integer Overflow vulnerability in Mozilla Browser BMP Image Decoding
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
network
low complexity
mozilla netscape conectiva redhat
critical
10.0