Mozilla Products Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is installed with Thunderbird/Seamonkey and is prone to Denial Of Service vulnerability.

Impact

Successful exploitation will allow attackers to cause a denial of service or possibly execute arbitrary code via a crafted message, related to message indexing. Impact Level: Application

Solution

Upgrade to Seamonkey version 1.1.19 or later http://www.seamonkey-project.org/releases Upgrade to Thunderbird version 2.0.0.24 or later http://www.mozillamessaging.com/en-US/thunderbird/all.html

Insight

The flaw exists when processing e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to crash the application.

Affected

Seamonkey version prior to 1.1.19 and Thunderbird version prior to 2.0.0.24 on Windows.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
http://www.vupen.com/english/advisories/2010/0648
http://xforce.iss.net/xforce/xfdb/56993

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0163

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Dell OpenManage Web Server <= 3.7.1
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
DNS Amplification Attacks
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
Comodo Internet Security Denial of Service Vulnerability-04

Take action and discover your vulnerabilities