CVE-2008-4070

Published: 27 September 2008

Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."

Priority

Medium

Status

Package Release Status
mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage

thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.0.17)