Mozilla Products Denial Of Service Vulnerability (Linux) Network Vulnerability

Summary

The host is installed with Thunderbird/Seamonkey and is prone to Denial Of Service vulnerability.

Impact

Successful exploitation will allow attackers to cause a denial of service or possibly execute arbitrary code via a crafted message, related to message indexing. Impact Level: Application

Solution

Upgrade to Seamonkey version 1.1.19 or later http://www.seamonkey-project.org/releases Upgrade to Thunderbird version 2.0.0.24 or later http://www.mozillamessaging.com/en-US/thunderbird/all.html

Insight

The flaw exists when processing e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to crash the application.

Affected

Seamonkey version prior to 1.1.19 and Thunderbird version prior to 2.0.0.24 on Linux.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
http://www.vupen.com/english/advisories/2010/0648
http://xforce.iss.net/xforce/xfdb/56993

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0163

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Acrobat PDF File Denial Of Service Vulnerability
ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability
DB2 discovery service DOS
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities

Take action and discover your vulnerabilities