CVE-2006-3804

Publication date 27 July 2006

Last updated 24 July 2024


Ubuntu priority

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.

Status

Package Ubuntu Release Status
mozilla-thunderbird 7.04 feisty
Fixed 1.5.0.13-0ubuntu0.7.04
6.10 edgy
Fixed 1.5.0.13-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.0.13-0ubuntu0.6.06

References

Related Ubuntu Security Notices (USN)

    • USN-350-1
    • Thunderbird vulnerabilities
    • 22 September 2006
    • USN-329-1
    • Thunderbird vulnerabilities
    • 29 July 2006

Other references