Mozilla Thunderbird < 1.0.7 IDN URL Domain Name Overflow

High Nessus Plugin ID 19694


The remote version of Mozilla Thunderbird suffers from several flaws.


The remote host is using Mozilla Thunderbird, an email client.

The remote version of this software contains various security issues that could allow an attacker to execute arbitrary code on the remote host and to disguise URLs.


Upgrade to Thunderbird 1.0.7 or disable IDN support in the browser following the instructions in the vendor's advisory.

See Also

Plugin Details

Severity: High

ID: 19694

File Name: mozilla_thunderbird_107.nasl

Version: $Revision: 1.22 $

Type: local

Agent: windows

Family: Windows

Published: 2005/09/14

Modified: 2017/06/09

Dependencies: 20862

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:thunderbird

Required KB Items: Mozilla/Thunderbird/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2005/09/21

Vulnerability Publication Date: 2005/09/08

Reference Information

CVE: CVE-2005-2871

BID: 14784

OSVDB: 19255