CVE-2006-6505

Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers.

🔗 References (82)

• secalert@redhatftp://patches.sgi.com/support/free/security/advisories/20061202-01-P.asc
• secalert@redhathttp://fedoranews.org/cms/node/2297
• secalert@redhathttp://fedoranews.org/cms/node/2338
• secalert@redhathttp://rhn.redhat.com/errata/RHSA-2006-0759.html
• secalert@redhathttp://rhn.redhat.com/errata/RHSA-2006-0760.html
• secalert@redhathttp://secunia.com/advisories/23420
• secalert@redhathttp://secunia.com/advisories/23422
• secalert@redhathttp://secunia.com/advisories/23433
• secalert@redhathttp://secunia.com/advisories/23439
• secalert@redhathttp://secunia.com/advisories/23468
• secalert@redhathttp://secunia.com/advisories/23514
• secalert@redhathttp://secunia.com/advisories/23545
• secalert@redhathttp://secunia.com/advisories/23591
• secalert@redhathttp://secunia.com/advisories/23598
• secalert@redhathttp://secunia.com/advisories/23601