Mozilla Thunderbird < 1.5 Attachment Extension Spoofing

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote version of Mozilla Thunderbird is affected by an attachment
spoofing vulnerability.

Description :

The remote host is using Mozilla Thunderbird, an email client.

The remote version of this software does not display attachments
correctly in emails. Using an overly-long filename and
specially crafted Content-Type headers, an attacker may be able to
leverage this issue to spoof the file extension and associated file
type icon and trick a user into executing an arbitrary program.
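
A defensive check for the pattern described above, added here as an example; it is not part of the Nessus plugin or of the original page. It flags attachments whose filename is unusually long or whose executable extension disagrees with the declared Content-Type. The length limit, the extension list and the function names are assumptions.

```python
import os
from email.message import EmailMessage

MAX_NAME_LEN = 64  # assumed policy limit; the advisory gives no exact length
# Assumed list of extensions that Windows treats as directly executable.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}


def audit_attachments(msg):
    """Return {filename: [reasons]} for attachments matching the spoofing pattern."""
    findings = {}
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # not an attachment with a filename
        reasons = []
        if len(name) > MAX_NAME_LEN:
            reasons.append("overly long filename")
        # The real extension is whatever follows the last dot, however far
        # it has been pushed out of the visible part of the name.
        ext = os.path.splitext(name.strip())[1].lower()
        declared = part.get_content_type()
        if ext in EXECUTABLE_EXTS and declared != "application/octet-stream":
            reasons.append(f"executable extension {ext} declared as {declared}")
        if reasons:
            findings[name] = reasons
    return findings


def constructed_sample():
    """Constructed message: one ordinary attachment, one matching the pattern."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("body")
    msg.add_attachment(b"%PDF-", maintype="application", subtype="pdf",
                       filename="report.pdf")
    padded = "notes.txt" + "_" * 80 + ".exe"  # 93 characters, placeholder body
    msg.add_attachment(b"placeholder", maintype="text", subtype="plain",
                       filename=padded)
    return msg


if __name__ == "__main__":
    for name, reasons in audit_attachments(constructed_sample()).items():
        print(f"{name[:20]}... ({len(name)} chars): {'; '.join(reasons)}")
```
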

See also :

http://secunia.com/secunia_research/2005-22/advisory/
https://bugzilla.mozilla.org/show_bug.cgi?id=300246

Solution :

Upgrade to Mozilla Thunderbird 1.5 or later.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.4
(CVSS2#E:H/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 20735

Bugtraq ID: 16271

CVE ID: CVE-2006-0236
