| Revision Date: | 2014-10-06 | Version: | 22 |
| Title: | The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI. |
| Description: | The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2010-0161
|
| Platform(s): | Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
| Product(s): | Mozilla Seamonkey
Mozilla Thunderbird
|
| Definition Synopsis |
| Windows Vista, 7, or Server 2008 R2 installed Microsoft Windows Vista is installed
OR Microsoft Windows 7 is installed
OR Microsoft Windows Server 2008 R2 is installed
AND Vulnerable version of Thunderbird or SeaMonkey installed
Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23 and is greater than or equal to 2.0.0.0
Mozilla Thunderbird Mainline release is installed
AND Determine if the version of Mozilla Thunderbird is less than or equal to 2.0.0.23
AND Determine if the version of Mozilla Thunderbird is greater than or equal to 2.0.0.0
OR Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.2 and is greater than or equal to 1.0.1
Mozilla Thunderbird Mainline release is installed
AND Determine if the version of Mozilla Thunderbird is less than or equal to 1.5.2
AND Determine if the version of Mozilla Thunderbird is greater than or equal to 1.0.1
OR Determine if the version of Mozilla Seamonkey is less than or equal to 1.1 and is greater than or equal to 1.0
Mozilla Seamonkey is installed
AND Determine if the version of Mozilla Seamonkey is less than or equal to 1.1
AND Determine if the version of Mozilla Seamonkey is greater than or equal to 1.0
OR Determine if the version of Mozilla Thunderbird is less than or equal to 0.9 and is greater than or equal to 0.1
Mozilla Thunderbird Mainline release is installed
AND Determine if the version of Mozilla Thunderbird is less than or equal to 0.9
AND Determine if the version of Mozilla Thunderbird is greater than or equal to 0.1
|