Intrusion Prevention

Mozilla.Products.Mail.Header.Buffer.Overflow

Description

Mozilla Thunderbird and SeaMonkey have multiple heap-based buffer overflow vulnerabilities. A remote attacker could execute arbitrary code on a target system by sending a specially crafted e-mail.

Affected Products

Mozilla Firefox versions prior to 2.0.0.1
Mozilla Firefox versions prior to 1.5.0.9
Mozilla Thunderbird versions prior to 1.5.0.9
Mozilla SeaMonkey versions prior to 1.0.7

Impact

System compromise.

Recommended Actions

Upgrade to the latest version, available from the web site.
http://www.mozilla.com/firefox/
Upgrade to the latest version, available from the web site.
http://www.mozilla.com/thunderbird/
Upgrade to the latest version, available from the web site.
http://www.mozilla.org/projects/seamonkey/

CVE References

CVE-2006-6505