Common Vulnerabilities and Exposures assigned an identifier CVE-2010-0163 to the following vulnerability: Name: CVE-2010-0163 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0163 Assigned: 20100106 Reference: CONFIRM: http://www.mozilla.org/security/announce/2010/mfsa2010-07.html Reference: CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=505221 Reference: UBUNTU:USN-915-1 Reference: URL: http://www.ubuntu.com/usn/USN-915-1 Reference: BID:38831 Reference: URL: http://www.securityfocus.com/bid/38831 Reference: SECUNIA:39001 Reference: URL: http://secunia.com/advisories/39001 Reference: VUPEN:ADV-2010-0648 Reference: URL: http://www.vupen.com/english/advisories/2010/0648 Reference: XF:thunderbird-messages-dos(56993) Reference: URL: http://xforce.iss.net/xforce/xfdb/56993 Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.
This would be corrected in Red Hat Enterprise Linux 5 via RHSA-2010-0153: https://rhn.redhat.com/errata/RHSA-2010-0153.html
A patch was applied to correct this in Red Hat Enterprise Linux 4 Thunderbird via RHSA-2010-0154: https://rhn.redhat.com/errata/RHSA-2010-0154.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 3 Via RHSA-2010:0499 https://rhn.redhat.com/errata/RHSA-2010-0499.html