• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Thunderbird Multiple Remote Information Disclosure Vulnerabilities

An exploit is not required to trigger these issues. Attackers will likely use SMTP software to exploit these issues.

The referenced message from Renaud Lifchitz <r.lifchitz@sysdream.com> contains a sample email message provided by <crashfr@sysdream.com>. The base64 encoded data directs affected applications to download content from 'http://www.sysdream.com' and 'http://www.sysdream.com/test.css'.

Symantec cannot vouch for the validity or safety of third-party websites.

• /data/vulnerabilities/exploits/thunderbird_email.txt