CVE-2010-0163 — Vulnetix

Try Vulnetix Request Demo

CVE-2010-0163 PUBLISHED CVSS 4.300000190734863 MEDIUM

Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.

EPSS 5.44% · 90.1th percentile

Risk Scores

CVSS v2.0

4.300000190734863

EPSS Score

5.44%

90.1th percentile

Affected Products

Vendor	Product	Versions
mozilla	seamonkey	1.1.17, 0, 1.0
n/a	n/a	n/a
mozilla	thunderbird	1.5.0.10, 1.5.0.11, 1.5.0.12

Timeline

Mar 22, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

39001 third-party-advisory
ADV-2010-0648 vdb
oval:org.mitre.oval:def:14259 vdb
RHSA-2010:0499 vendor-advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=505221 url
ADV-2010-1556 vdb
SUSE-SR:2010:013 vendor-advisory
38977 third-party-advisory
thunderbird-messages-dos(56993) vdb
38831 vdb
USN-915-1 vendor-advisory
oval:org.mitre.oval:def:10805 vdb
http://www.mozilla.org/security/announce/2010/mfsa2010-07.html url
https://nvd.nist.gov/vuln/detail/CVE-2010-0163 advisory

Open in Interactive Console →