| VID |
28639 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
According to its version number, the installed Mozilla or Thunderbird contains a vCard handling remote buffer overflow vulnerability. Mozilla and Thunderbird are an open-source Web browser and e-mail client, respectively, developed by the Mozilla project. Mozilla prior to 1.7.3 and Thunderbird prior to 0.8 are vulnerable to a stack-based buffer overflow in the writeGroup function in the nsVCardObj.cpp file, caused by improper bounds checking of user-supplied input. By creating a malformed vCard (.vcf) file and sending the file to the target user in email, a remote attacker could overflow a buffer and execute arbitrary code on the system when the mail is previewed in the browser.
* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a false negative for all vulnerable hosts.
* References: http://www.kb.cert.org/vuls/id/414240
* Platforms Affected: Mozilla Project: Mozilla prior to 1.7.3; Mozilla Organization: Thunderbird prior to 0.8; Apple Computer, Inc., Mac OS Any version; Linux Any version; Unix Any version; Microsoft Windows Any version |
| Recommendation |
For Mozilla Suite: Upgrade to the latest version of Mozilla Suite (1.7.3 or later), available from the Mozilla Web site at http://www.mozilla.org/products/mozilla1.x/
For Mozilla Thunderbird: Upgrade to the latest version of Mozilla Thunderbird (0.8 or later), available from the Mozilla Web site at http://www.mozilla.org/products/thunderbird/ |
| Related URL |
CVE-2004-0903 (CVE) |
| Related URL |
11174 (SecurityFocus) |
| Related URL |
17380 (ISS) |
|