CVE-2006-0836

Name of the Vulnerable Software and Affected Versions Mozilla Thunderbird version 1.5

Description The issue allows user-assisted attackers to cause a denial of service by tricking the user into importing an LDIF file with a long field into the address book. This can be demonstrated by a long homePhone field.

Recommendations For Mozilla Thunderbird version 1.5, avoid importing LDIF files with long fields into the address book until a fix is available. As a temporary workaround, consider restricting the import of LDIF files or limiting the length of fields that can be imported into the address book.