Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5430

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5430
Last Modified 06 Feb 2009 02:03:52
Published 13 Dec 2008 03:40:08
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5430

Summary

Mozilla Thunderbird 2.0.14 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which might allow remote attackers to cause a denial of service (stack consumption or other resource consumption) via a large e-mail message, a related issue to CVE-2006-1173.

Vulnerable Systems

Application

  • Mozilla Thunderbird 2.0.14


References

BID - 32869

BUGTRAQ - 20081209 Re: DoS attacks on MIME-capable software via complex MIME emails

BUGTRAQ - 20081208 DoS attacks on MIME-capable software via complex MIME emails

MISC - http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro


Last Updated: 27 May 2016 10:48:49