CVE-2004-0902 : Detail

CVE-2004-0902

45.56%V3
Network
2004-09-24
02h00 +00:00
2017-10-09
22h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 10 AV:N/AC:L/Au:N/C:C/I:C/A:C [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Products Mentioned

Configuraton 0

Mozilla>>Mozilla >> Version 1.7

Mozilla>>Mozilla >> Version 1.7.1

Mozilla>>Mozilla >> Version 1.7.2

Mozilla>>Thunderbird >> Version 0.7

Mozilla>>Thunderbird >> Version 0.7.1

Mozilla>>Thunderbird >> Version 0.7.2

Mozilla>>Thunderbird >> Version 0.7.3

Conectiva>>Linux >> Version 9.0

Conectiva>>Linux >> Version 10.0

Configuraton 0

Redhat>>Enterprise_linux >> Version 2.1

    Redhat>>Enterprise_linux >> Version 2.1

      Redhat>>Enterprise_linux >> Version 2.1

        Redhat>>Enterprise_linux >> Version 2.1

          Redhat>>Enterprise_linux >> Version 2.1

            Redhat>>Enterprise_linux >> Version 2.1

              Redhat>>Enterprise_linux >> Version 3.0

              Redhat>>Enterprise_linux >> Version 3.0

              Redhat>>Enterprise_linux >> Version 3.0

              Redhat>>Enterprise_linux_desktop >> Version 3.0

              Redhat>>Fedora_core >> Version core_1.0

                Redhat>>Linux >> Version 7.3

                Redhat>>Linux >> Version 7.3

                  Redhat>>Linux >> Version 7.3

                    Redhat>>Linux >> Version 9.0

                      Redhat>>Linux_advanced_workstation >> Version 2.1

                        Redhat>>Linux_advanced_workstation >> Version 2.1

                          Suse>>Suse_linux >> Version 1.0

                            Suse>>Suse_linux >> Version 8

                              Suse>>Suse_linux >> Version 8.1

                              Suse>>Suse_linux >> Version 8.2

                              Suse>>Suse_linux >> Version 9.0

                              Suse>>Suse_linux >> Version 9.0

                              Suse>>Suse_linux >> Version 9.0

                                Suse>>Suse_linux >> Version 9.1

                                References

                                http://marc.info/?l=bugtraq&m=109900315219363&w=2
                                Tags : vendor-advisory, x_refsource_FEDORA
                                http://security.gentoo.org/glsa/glsa-200409-26.xml
                                Tags : vendor-advisory, x_refsource_GENTOO
                                http://www.us-cert.gov/cas/techalerts/TA04-261A.html
                                Tags : third-party-advisory, x_refsource_CERT
                                http://marc.info/?l=bugtraq&m=109698896104418&w=2
                                Tags : vendor-advisory, x_refsource_HP