CVE-2008-4070
Published: 27 September 2008
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."
Priority
Status
Package | Release | Status |
---|---|---|
mozilla-thunderbird Launchpad, Ubuntu, Debian |
dapper |
Released
(1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.6.06.1)
|
feisty |
Released
(1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.7.04.1)
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
upstream |
Needs triage
|
|
thunderbird Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
feisty |
Does not exist
|
|
gutsy |
Released
(2.0.0.17+nobinonly-0ubuntu0.7.10.1)
|
|
hardy |
Released
(2.0.0.17+nobinonly-0ubuntu0.8.04.1)
|
|
upstream |
Released
(2.0.0.17)
|