You are here: Mozilla Foundation Security Advisories > MFSA 2008-26

Mozilla Foundation Security Advisory 2008-26

Title: Buffer length checks in MIME processing
Impact: Low
Announced: July 23, 2008
Reporter: Mozilla developers
Products: Thunderbird, SeaMonkey

Fixed in: Thunderbird
  SeaMonkey 1.1.10


As a follow-up to vulnerability reported in MFSA 2008-12 Mozilla has checked similar constructs in the rest of the MIME handling code. Although no further buffer overflows were found we changed several function calls to use safer versions of the string routines that will be more robust in the face of future code changes.