GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted malicious users to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an inconsistent Content-Type header, which could be used to trick a user into downloading dangerous content by dragging or saving the attachment.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird 1.0.1 |
||
mozilla thunderbird 1.0.2 |
||
mozilla thunderbird 1.0.7 |
||
mozilla thunderbird 1.5 |
||
mozilla thunderbird 1.0.5 |
||
mozilla thunderbird 1.0.6 |
||
mozilla thunderbird 1.0 |