Bugtraq mailing list archives
Re: DoS attacks on MIME-capable software via complex MIME emails
From: Dave English <dave.english () thus net>
Date: Tue, 27 Jan 2009 15:22:25 +0000
In message <20081208225217.10144.qmail () securityfocus com>, bruhns () recurity-labs com writes
...
== Specific Software == Vulnerable: Microsoft Outlook Express 6, Version 6.00.2900.5512 Opera Version: 9.51 Build: 10081 System: Windows XP Incredimail Build ID: 5853710 Setup ID: 7 Pn: 92977368 Norton Internet Security Version 15.5.0.23 ESet NOD32 2.70.0039.0000 Kaspersky Internet Security 2009; Databases from 23.07.2008 Slightly affected: Mozilla Thunderbird Version 2.0.14 (20080421) Not vulnerable: Avira Antivir Search engine: v8.01.01.11, 17.07.2008 Mutt Courier
Turnpike is also not vulnerable. Multikill is displayed correctly & Nesty is partially displayed, after a warning that the message is too complex.
== Credit == This bug was discovered by Bernhard 'Bruhns' Brehm at Recurity Labs. Company page: http://www.recurity-labs.com
... -- Dave English Internet Platform Development Senior Software & Systems Engineer Thus a Cable&Wireless business
Attachment:
signature.asc
Description:
Current thread:
- Re: DoS attacks on MIME-capable software via complex MIME emails Dave English (Jan 28)