Lucene search

K
cveMitreCVE-2010-0161
HistoryMar 23, 2010 - 12:53 a.m.

CVE-2010-0161

2010-03-2300:53:22
CWE-399
mitre
web.nvd.nist.gov
32
cve-2010-0161
nsauthsspi
unwrap function
mozilla thunderbird
seamonkey
windows vista
windows server 2008 r2
windows 7
smtp
imap
pop
denial of service
code execution
sspi
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

High

EPSS

0.013

Percentile

85.9%

The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.

Affected configurations

Nvd
Node
mozillathunderbirdRange2.0.0.23
OR
mozillathunderbirdMatch0.1
OR
mozillathunderbirdMatch0.2
OR
mozillathunderbirdMatch0.3
OR
mozillathunderbirdMatch0.4
OR
mozillathunderbirdMatch0.5
OR
mozillathunderbirdMatch0.6
OR
mozillathunderbirdMatch0.7
OR
mozillathunderbirdMatch0.7.1
OR
mozillathunderbirdMatch0.7.2
OR
mozillathunderbirdMatch0.7.3
OR
mozillathunderbirdMatch0.8
OR
mozillathunderbirdMatch0.9
OR
mozillathunderbirdMatch1.0
OR
mozillathunderbirdMatch1.0.1
OR
mozillathunderbirdMatch1.0.2
OR
mozillathunderbirdMatch1.0.3
OR
mozillathunderbirdMatch1.0.4
OR
mozillathunderbirdMatch1.0.5
OR
mozillathunderbirdMatch1.0.6
OR
mozillathunderbirdMatch1.0.7
OR
mozillathunderbirdMatch1.0.8
OR
mozillathunderbirdMatch1.5
OR
mozillathunderbirdMatch1.5beta2
OR
mozillathunderbirdMatch1.5.0.1
OR
mozillathunderbirdMatch1.5.0.2
OR
mozillathunderbirdMatch1.5.0.3
OR
mozillathunderbirdMatch1.5.0.4
OR
mozillathunderbirdMatch1.5.0.5
OR
mozillathunderbirdMatch1.5.0.6
OR
mozillathunderbirdMatch1.5.0.7
OR
mozillathunderbirdMatch1.5.0.8
OR
mozillathunderbirdMatch1.5.0.9
OR
mozillathunderbirdMatch1.5.0.10
OR
mozillathunderbirdMatch1.5.0.11
OR
mozillathunderbirdMatch1.5.0.12
OR
mozillathunderbirdMatch1.5.0.13
OR
mozillathunderbirdMatch1.5.0.14
OR
mozillathunderbirdMatch1.5.1
OR
mozillathunderbirdMatch1.5.2
OR
mozillathunderbirdMatch2.0.0.0
OR
mozillathunderbirdMatch2.0.0.4
OR
mozillathunderbirdMatch2.0.0.5
OR
mozillathunderbirdMatch2.0.0.6
OR
mozillathunderbirdMatch2.0.0.7
OR
mozillathunderbirdMatch2.0.0.8
OR
mozillathunderbirdMatch2.0.0.9
OR
mozillathunderbirdMatch2.0.0.12
OR
mozillathunderbirdMatch2.0.0.14
OR
mozillathunderbirdMatch2.0.0.16
OR
mozillathunderbirdMatch2.0.0.17
OR
mozillathunderbirdMatch2.0.0.18
OR
mozillathunderbirdMatch2.0.0.19
OR
mozillathunderbirdMatch2.0.0.21
OR
mozillathunderbirdMatch2.0.0.22
Node
mozillaseamonkeyRange1.1.18
OR
mozillaseamonkeyMatch1.0
OR
mozillaseamonkeyMatch1.0alpha
OR
mozillaseamonkeyMatch1.0beta
OR
mozillaseamonkeyMatch1.0.1
OR
mozillaseamonkeyMatch1.0.2
OR
mozillaseamonkeyMatch1.0.3
OR
mozillaseamonkeyMatch1.0.4
OR
mozillaseamonkeyMatch1.0.5
OR
mozillaseamonkeyMatch1.0.6
OR
mozillaseamonkeyMatch1.0.7
OR
mozillaseamonkeyMatch1.0.8
OR
mozillaseamonkeyMatch1.0.9
OR
mozillaseamonkeyMatch1.1
OR
mozillaseamonkeyMatch1.1alpha
OR
mozillaseamonkeyMatch1.1beta
OR
mozillaseamonkeyMatch1.1.1
OR
mozillaseamonkeyMatch1.1.2
OR
mozillaseamonkeyMatch1.1.3
OR
mozillaseamonkeyMatch1.1.4
OR
mozillaseamonkeyMatch1.1.5
OR
mozillaseamonkeyMatch1.1.6
OR
mozillaseamonkeyMatch1.1.7
OR
mozillaseamonkeyMatch1.1.8
OR
mozillaseamonkeyMatch1.1.9
OR
mozillaseamonkeyMatch1.1.10
OR
mozillaseamonkeyMatch1.1.11
OR
mozillaseamonkeyMatch1.1.12
OR
mozillaseamonkeyMatch1.1.13
OR
mozillaseamonkeyMatch1.1.14
OR
mozillaseamonkeyMatch1.1.15
OR
mozillaseamonkeyMatch1.1.16
OR
mozillaseamonkeyMatch1.1.17
AND
microsoftwindows_7
OR
microsoftwindows_server_2008Match-
OR
microsoftwindows_vista
VendorProductVersionCPE
mozillathunderbird1.0.7cpe:/a:mozilla:thunderbird:1.0.7:::
mozillathunderbird1.5.0.9cpe:/a:mozilla:thunderbird:1.5.0.9:::
mozillathunderbird2.0.0.18cpe:/a:mozilla:thunderbird:2.0.0.18:::
mozillathunderbird1.0cpe:/a:mozilla:thunderbird:1.0:::
mozillathunderbird2.0.0.4cpe:/a:mozilla:thunderbird:2.0.0.4:::
mozillathunderbird0.7.2cpe:/a:mozilla:thunderbird:0.7.2:::
mozillathunderbird2.0.0.17cpe:/a:mozilla:thunderbird:2.0.0.17:::
mozillathunderbird1.5.0.13cpe:/a:mozilla:thunderbird:1.5.0.13:::
mozillathunderbird1.0.5cpe:/a:mozilla:thunderbird:1.0.5:::
mozillathunderbird1.5.0.10cpe:/a:mozilla:thunderbird:1.5.0.10:::
Rows per page:
1-10 of 551

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

High

EPSS

0.013

Percentile

85.9%