All the latest UK technology news, reviews and analysis

Mozilla patches critical Thunderbird flaw

by Shaun Nichols

More from this author

28 Feb 2008

Be the first to comment

  • Tweet this
Thunderbird
Mozilla has warned of a critical flaw in Thunderbird and SeaMonkey

Users are being urged to update their copies of Mozilla's Thunderbird and SeaMonkey email applications after the disclosure of a serious security flaw.

The advisory warns of a 'critical' flaw in the two applications which could allow an attacker to remotely execute code on compromised systems.

Further reading

Mozilla said that the vulnerability lies in the way Thunderbird handles Mime content in email messages.

By sending a specially crafted message, an attacker could trigger a buffer overflow error which would leave the user vulnerable to the remote installation and launch of malware.

Discovery of the flaw was credited to a security researcher using the name 'regenrecht', who reported the vulnerability in January via iDefense.

The vulnerability is patched in Thunderbird 2.0.0.12 and SeaMonkey 1.1.8. The US Computer Emergency Response Team recommended that users update to the latest versions of both applications.

Users can also patch the flaw by changing the application's 'mailnews.display.disallow_mime_handlers' property to any value greater than three.

News of the vulnerability comes just one week after Mozilla spun off Thunderbird into a subsidiary company known as Mozilla Messaging.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Open Source

Google Chrome web browser

Google Chrome for Windows 18.0.1025.33 Beta

Related white papers

Related articles

Related jobs

Today's top stories

Microsoft Windows 8 start screen

Top 10 Microsoft Windows 8 features to be excited about

Barclays Pingit Application in use on an iPhone

Barclays launches Pingit mobile payment service for iPhone, Android and BlackBerry

V3 reporter Dan Worth

World-changing CERN experiments highlight humanity’s intrinsic curiosity

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 reporter Dan Worth

World-changing CERN experiments highlight humanity’s intrinsic curiosity

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Support Analyst x 1/2 (Apple Mac OSX/Windows) - Bristol/Bath

Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...

Network Consultant - London - 55-65k

Network Consultant - London - 55-65k My client are...

Web Graphic Designer

A leading global provider of critical information to...

Midweight UI Designer

Playstations and table football in the kitchen? Standard...

To send to more than one email address, simply separate each address with a comma.