SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#661651

Mozilla Thunderbird external-body MIME type buffer overflow

Overview

Mozilla Thunderbird contains a heap-based buffer overflow which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description

Mozilla Thunderbird is an open source, cross-platform email and news client. Thunderbird uses Multipurpose Internet Message Extensions (MIME) which extends support in Thunderbird for multi-part message bodies, non-text attachments, and non-ASCII character sets. A vulnerability exists in the way Mozilla Thunderbird parses external-body MIME type in an electronic mail which may result in a heap-based buffer overflow. According to Mozilla Foundation Security Advisory 2008-12:

The vulnerability is caused by allocating a buffer that can be three bytes too small in certain cases when viewing an email message with an external MIME body.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code on a system running a vulnerable version of Mozilla Thunderbird.

III. Solution

Apply Update


Mozilla has has addressed this vulnerability in version 2.0.0.12. For further information regarding this vulnerability, Mozilla has published MFSA-2008-12.

Apply Workaround

As stated directly from MFSA-2008-12:

Users can prevent the vulnerable code from being triggered by setting the "mailnews.display.disallow_mime_handlers" property to any value greater than or equal to 3.

Systems Affected

VendorStatusDate NotifiedDate Updated
MozillaVulnerable6-Mar-2008

References


http://securitytracker.com/id?1019504
http://www.mozilla.org/security/announce/2008/mfsa2008-12.html
http://secunia.com/advisories/29133/

Credit

This vulnerability was reported to VeriSign iDefense by regenrecht.

This document was written by Joseph W. Pruszynski.

Other Information

Date Public:2008-02-26
Date First Published:2008-03-06
Date Last Updated:2008-03-06
CERT Advisory: 
CVE-ID(s):CVE-2008-0304
NVD-ID(s):CVE-2008-0304
US-CERT Technical Alerts: 
Metric:31.00
Document Revision:23

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader