CVE-2004-0902 - Fogless Cameljockey


Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release Mozilla before 1.7.3 and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \Send page\ functionality (2) certain responses from a malicious POP3 server or (3) a link containing a non-ASCII hostname.