Overview
A vulnerability in the way Mozilla handles certain types of POP3 responses could allow a remote attacker to execute arbitrary code on an affected system.
Description
Post Office Protocol Version 3 (POP3) is a mail protocol that provides a means for retrieving email from a remote server. This protocol is supported by Mozilla, Firefox, and Thunderbird. These clients contain a vulnerability that allows malformed POP3 responses to trigger a buffer overflow condition in the SendUidl() function. Such responses can be sent by a remote POP3 server and could result in arbitrary code execution. |
Impact
By sending a specially crafted POP3 response to an affected client, a remote attacker could cause the client to crash or potentially execute arbitrary code. Exploitation of this vulnerability would require a user to connect to a malicious POP3 server. |
Solution
Upgrade Upgrade as specified by your vendor. This issue has been resolved in Mozilla 1.7, Firefox 0.9, and Thunderbird 0.7.2. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7
- http://bugzilla.mozilla.org/show_bug.cgi?id=229374
- http://xforce.iss.net/xforce/xfdb/16869
- http://www.redhat.com/support/errata/RHSA-2004-421.html
- http://secunia.com/advisories/10856/
- http://www.ciac.org/ciac/bulletins/o-195.shtml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.667659
Acknowledgements
This vulnerability was reported by Zen Parse.
This document was written by Damon Morda.
Other Information
| CVE IDs: | CVE-2004-0757 |
| Severity Metric: | 2.70 |
| Date Public: | 2004-05-29 |
| Date First Published: | 2004-08-20 |
| Date Last Updated: | 2004-08-20 15:13 UTC |
| Document Revision: | 17 |