CVE-2004-0902

NONE EPSS 95.1%
Published Jan 27, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 27, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

Threat Intelligence

EPSS Exploit Probability
95.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 34

VendorProductVersionRange
mozillamozilla1.7any
mozillamozilla1.7.1any
mozillamozilla1.7.2any
mozillathunderbird0.7any
mozillathunderbird0.7.1any
mozillathunderbird0.7.2any
mozillathunderbird0.7.3any
conectivalinux9.0any
conectivalinux10.0any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux2.1any
redhatenterprise_linux3.0any
redhatenterprise_linux3.0any
redhatenterprise_linux3.0any
redhatenterprise_linux_desktop3.0any
redhatfedora_corecore_1.0any
redhatlinux7.3any
redhatlinux7.3any
redhatlinux7.3any
redhatlinux9.0any
redhatlinux_advanced_workstation2.1any
redhatlinux_advanced_workstation2.1any
susesuse_linux1.0any
susesuse_linux8any
susesuse_linux8.1any
susesuse_linux8.2any
susesuse_linux9.0any
susesuse_linux9.0any
susesuse_linux9.0any
susesuse_linux9.1any

References 13

Remediation

  • us-cert.gov http://www.us-cert.gov/cas/techalerts/TA04-261A.html
    PatchThird Party AdvisoryUS Government Resource