Mozilla Products Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is installed with Thunderbird/Seamonkey and is prone to Denial Of Service vulnerability.

Impact

Successful exploitation will allow attackers to cause a denial of service or possibly execute arbitrary code via a crafted message, related to message indexing. Impact Level: Application

Solution

Upgrade to Seamonkey version 1.1.19 or later http://www.seamonkey-project.org/releases Upgrade to Thunderbird version 2.0.0.24 or later http://www.mozillamessaging.com/en-US/thunderbird/all.html

Insight

The flaw exists when processing e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to crash the application.

Affected

Seamonkey version prior to 1.1.19 and Thunderbird version prior to 2.0.0.24 on Windows.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
http://www.vupen.com/english/advisories/2010/0648
http://xforce.iss.net/xforce/xfdb/56993

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0163
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
ejabberd 'mod_pubsub' Module Denial of Service Vulnerability
Denial of Service (DoS) in Microsoft SMS Client
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)

Take action and discover your vulnerabilities