← back
CVE-2008-4070

CVE-2008-4070

EPSS 7.4%
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=425152http://secunia.com/advisories/32010http://secunia.com/advisories/32025http://secunia.com/advisories/32044http://secunia.com/advisories/32082http://secunia.com/advisories/32092http://secunia.com/advisories/32196http://secunia.com/advisories/33433http://secunia.com/advisories/33434http://secunia.com/advisories/34501https://exchange.xforce.ibmcloud.com/vulnerabilities/45426