CVE-2006-3804

Impact:
Critical
Public Date:
2006-07-26

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.

Find out more about CVE-2006-3804 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2006:0594 2006-08-28
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2006:0608 2006-07-27
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2006:0611 2006-07-29
Red Hat Enterprise Linux version 4 RHSA-2006:0609 2006-08-02

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 seamonkey 1.0.3-0.el4.1 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.2.el4 Fixed