OSVDB ID: 22510

Title: Mozilla Thunderbird Attachment Extension Spoofing

Info

Disclosure

Jan 17, 2006

Discovery

Jul 01, 2005

Dates

Exploit

Unknown

Solution

Unknown

Description

Mozilla Thunderbird contains a flaw related to the way it handles attachment file names that may allow an attacker to trick a user into downloading dangerous content.

Classification

Location: Remote / Network Access
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 1.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Mozilla Organization

Thunderbird

1.5 beta 2

References

Credit

  • Andreas Sandblad - assecunia.com - Secunia Research


Direct URL: http://osvdb.org/22510