PT-2006-1883 · Mozilla · Thunderbird

Javor Ninov

Published

2006-02-22

Updated

2018-10-18

CVE-2006-0836

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Mozilla Thunderbird version 1.5

Description The issue allows user-assisted attackers to cause a denial of service by tricking the user into importing an LDIF file with a long field into the address book. This can be demonstrated by a long homePhone field.

Recommendations For Mozilla Thunderbird version 1.5, avoid importing LDIF files with long fields into the address book until a fix is available. As a temporary workaround, consider restricting the import of LDIF files or limiting the length of fields that can be imported into the address book.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0836

Affected Products

Thunderbird

PT-2006-1883 · Mozilla · Thunderbird

CVE-2006-0836

Related Identifiers

Affected Products

References · 7