Stack-based Buffer Overflow in Mozilla Firefox and Thunderbird Products
CVE-2004-0903

Currently unrated

Key Information:

Vendor

Mozilla
Status
Thunderbird
Linux
Mozilla
Vendor
CVE Published:
27 January 2005

What is CVE-2004-0903?

A stack-based buffer overflow exists in the writeGroup function of nsVCardObj.cpp, affecting certain releases of Mozilla Firefox and Thunderbird. This vulnerability can allow remote attackers to execute arbitrary code by sending specially crafted VCard attachments. If a user opens an email containing such a malformed VCard, the application fails to handle it properly during the preview, leading to potential system compromise.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.novell.com/linux/security/advisories/2004_36_m...
vendor-advisoryx_refsource_SUSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/17380
vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=109900315219363&w=2
vendor-advisoryx_refsource_FEDORA

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.