VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jan 27, 2005· Updated Apr 16, 2026

CVE-2004-0902

CVE-2004-0902

Description

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

Affected products

34
  • Mozilla Corporation/Mozilla3 versions
    cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*
  • Mozilla Corporation/Thunderbird4 versions
    cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
  • Conectiva/Linux2 versions
    cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
    • cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux9 versions
    cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*+ 8 more
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
  • Red Hat/Enterprise Linux Desktop
    cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
  • Red Hat/Fedora Core
    cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*
  • Red Hat/Linux4 versions
    cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*
    • cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*
    • cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*
  • Red Hat/Linux Advanced Workstation2 versions
    cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*
    • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
  • SUSE S.A./Linux8 versions
    cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*+ 7 more
    • cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
    • cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

13

News mentions

0

No linked articles in our index yet.