Unrated severityNVD Advisory· Published Feb 29, 2008· Updated Jun 16, 2026
CVE-2008-0304
CVE-2008-0304
Description
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <=1.1.7
- (no CPE)range: <1.1.8
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=2.0.0.9
- (no CPE)range: <2.0.0.12
Patches
Vulnerability mechanics
References
25- www.securityfocus.com/bid/28012nvdPatch
- secunia.com/advisories/29133nvdVendor Advisory
- www.kb.cert.org/vuls/id/661651nvdUS Government Resource
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
- secunia.com/advisories/29098nvd
- secunia.com/advisories/29167nvd
- secunia.com/advisories/29211nvd
- secunia.com/advisories/30327nvd
- secunia.com/advisories/31043nvd
- secunia.com/advisories/31253nvd
- secunia.com/advisories/33433nvd
- securitytracker.com/idnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2008/dsa-1621nvd
- www.debian.org/security/2009/dsa-1697nvd
- www.gentoo.org/security/en/glsa/glsa-200805-18.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mozilla.org/security/announce/2008/mfsa2008-12.htmlnvd
- www.ubuntu.com/usn/usn-582-1nvd
- www.ubuntu.com/usn/usn-582-2nvd
- www.vupen.com/english/advisories/2008/2091/referencesnvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11075nvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.htmlnvd
News mentions
0No linked articles in our index yet.