CVE-2004-0757

EPSS 4.48%
Published 18.08.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version <= 0.9

Mozilla ≫ Mozilla Version <= 1.7

Mozilla ≫ Thunderbird Version <= 0.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.48%	0.88

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://marc.info/?l=bugtraq&m=109900315219363&w=2

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://www.novell.com/linux/security/advisories/2004_36_mozilla.html

http://www.redhat.com/support/errata/RHSA-2004-421.html

http://www.securityfocus.com/bid/15495

http://bugzilla.mozilla.org/show_bug.cgi?id=229374

Patch

Vendor Advisory

http://secunia.com/advisories/10856

http://www.kb.cert.org/vuls/id/561022

US Government Resource

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7

https://exchange.xforce.ibmcloud.com/vulnerabilities/16869

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11042

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3250

https://nvd.nist.gov/vuln/detail/CVE-2004-0757

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0757

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0757

EUVD