A critical vulnerability affects the email client Mozilla Thunderbird 17.0.6, the popular application has a validation and filter bypass vulnerability that could be exploited by hackers to bypass the filter that prevents HTML tags from being used in messages.
This category of vulnerabilities is very insidious, the attackers could exploit it remotely to execute malicious code in the victim’s browser.
“In 2013 Q3 the researcher ateeq ur rehman khan from pakistan karachi reported a remote vulnerability in the official mozilla thunderbird. The issue has been reported with responsible disclosure to the official mozilla corporation bug bounty program. 3 year ago the same problem came up in another location of the thunderbird software application called wiretap. The remote vulnerability has been patched in January after the verification procedure of the mozilla corporation in thunderbird 24. x version.” is reported the Technical Details & Description section of the advisory.
“The persistent code injection vulnerability is located within the main application.” said the from the Vulnerability Lab
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.