• info
• discussion
• exploit
• solution
• references

Mozilla Browser Network News Transport Protocol Remote Heap Overflow Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

Please see the referenced advisories for further information.


Mozilla Thunderbird 0.8

• SuSE MozillaThunderbird-0.8-5.5.i586.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaThunderbir d-0.8-5.5.i586.rpm


• SuSE MozillaThunderbird-0.8-5.5.x86_64.rpm
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/MozillaThunde rbird-0.8-5.5.x86_64.rpm

Mozilla Browser 1.0

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.0.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.0.2

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.2

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.2.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/


• Red Hat Fedora galeon-1.2.14-0.90.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/galeon-1.2.14-0 .90.2.legacy.i386.rpm


• Red Hat Fedora mozilla-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-1.7.7-0 .90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-chat-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-chat-1. 7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-devel-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-devel-1 .7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-dom-inspector-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-dom-ins pector-1.7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-js-debugger-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-js-debu gger-1.7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-mail-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-mail-1. 7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-nspr-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nspr-1. 7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-nspr-devel-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nspr-de vel-1.7.7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-nss-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nss-1.7 .7-0.90.1.legacy.i386.rpm


• Red Hat Fedora mozilla-nss-devel-1.7.7-0.90.1.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nss-dev el-1.7.7-0.90.1.legacy.i386.rpm

Mozilla Browser 1.3

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.3.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.4 b

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.4

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.4 a

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.4.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/


• Red Hat Fedora epiphany-1.0.8-1.fc1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/epiphany-1.0.8- 1.fc1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-1.7.7-1 .1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-chat-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-chat-1. 7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-devel-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-devel-1 .7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-dom-inspector-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-dom-ins pector-1.7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-js-debugger-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-js-debu gger-1.7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-mail-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-mail-1. 7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nspr-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nspr-1. 7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nspr-devel-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nspr-de vel-1.7.7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nss-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nss-1.7 .7-1.1.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nss-devel-1.7.7-1.1.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nss-dev el-1.7.7-1.1.2.legacy.i386.rpm

Mozilla Browser 1.4.2

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.5

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.5.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.6

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/


• Red Hat Fedora epiphany-1.2.10-0.2.3.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/epiphany-1.2.10 -0.2.3.legacy.i386.rpm


• Red Hat Fedora mozilla-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-1.7.7-1 .2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-chat-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-chat-1. 7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-devel-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-devel-1 .7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-dom-inspector-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-dom-ins pector-1.7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-js-debugger-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-js-debu gger-1.7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-mail-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-mail-1. 7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nspr-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nspr-1. 7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nspr-devel-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nspr-de vel-1.7.7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nss-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nss-1.7 .7-1.2.2.legacy.i386.rpm


• Red Hat Fedora mozilla-nss-devel-1.7.7-1.2.2.legacy.i386.rpm
  Red Hat Fedora i386
  http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nss-dev el-1.7.7-1.2.2.legacy.i386.rpm

Mozilla Browser 1.7 rc1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.7

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.7 rc2

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.7 rc3

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.7.1

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.7.2

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

Mozilla Browser 1.7.3

• Mozilla Mozilla 1.7.5
  http://www.mozilla.org/releases/

S.u.S.E. Linux Professional 10.0

• SuSE MozillaThunderbird-1.0.8-0.2.i586.rpm
  SUSE LINUX 10.0:
  ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaThunderbi rd-1.0.8-0.2.i586.rpm


• SuSE MozillaThunderbird-1.0.8-0.2.x86_64.rpm
  SUSE LINUX 10.0:
  ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/MozillaThunder bird-1.0.8-0.2.x86_64.rpm

SGI ProPack 3.0

• SGI patch10137.tar.gz
  ftp://patches.sgi.com/support/free/security/patches/ProPack/3/patch101 37.tar.gz

S.u.S.E. Linux Professional 9.1

• SuSE MozillaThunderbird-1.0.8-0.1.i586.rpm
  SUSE LINUX 9.1:
  ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/MozillaThunderbir d-1.0.8-0.1.i586.rpm


• SuSE MozillaThunderbird-1.0.8-0.1.x86_64.rpm
  SUSE LINUX 9.1:
  ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/MozillaThunde rbird-1.0.8-0.1.x86_64.rpm

S.u.S.E. Linux Professional 9.2

• SuSE MozillaThunderbird-1.0.8-0.2.i586.rpm
  SUSE LINUX 9.2:
  ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaThunderbir d-1.0.8-0.2.i586.rpm


• SuSE MozillaThunderbird-1.0.8-0.2.x86_64.rpm
  SUSE LINUX 9.2:
  ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaThunderb ird-1.0.8-0.2.x86_64.rpm

S.u.S.E. Linux Professional 9.3

• SuSE MozillaThunderbird-1.0.8-0.2.i586.rpm
  SUSE LINUX 9.3:
  ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaThunderbir d-1.0.8-0.2.i586.rpm


• SuSE MozillaThunderbird-1.0.8-0.2.x86_64.rpm
  SUSE LINUX 9.3:
  ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/MozillaThunderb ird-1.0.8-0.2.x86_64.rpm