Mozilla Thunderbird/Seamonkey DoS Vulnerability June-09 (Linux) Network Vulnerability

Summary

The host is installed with Thunderbird/Seamonkey and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will allow attacker to execute arbitrary code via e-mail messages, and result in Denial of Service condition. Impact Level: Application

Solution

Upgrade to Seamonkey version 1.1.17 http://www.seamonkey-project.org/releases Upgrade to Thunderbird version 2.0.0.22 http://www.mozillamessaging.com/en-US/thunderbird/all.html

Insight

The flaw exists when application fails to handle user input messages via a multipart or alternative e-mail message containing a text or enhanced part that triggers access to an incorrect object type.

Affected

Seamonkey version prior to 1.1.17 and Thunderbird version prior to 2.0.0.22 on Linux.

References

http://www.mozilla.org/security/announce/2009/mfsa2009-33.html
http://xforce.iss.net/xforce/xfdb/51315

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2210

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader PDF Handling Denial Of Service Vulnerability (Linux)
Adobe Reader '.ETD File' Denial of Service Vulnerability (Mac OS X)
Check for RealServer DoS
EMC NetWorker 'nsrexecd' RPC Packet Denial of Service Vulnerability
Google Chrome Multiple Denial of Service Vulnerabilities - February 11(Windows)

Take action and discover your vulnerabilities