Denial of Service in Mozilla and Netscape Mail Clients
CVE-2002-2338

Currently unrated

Key Information:

Vendor: Mozilla
Status: Mozilla; Navigator; Communicator
Vendor: CVE Published:; 31 December 2002

What is CVE-2002-2338?

The POP3 mail clients in Mozilla versions up to 1.0 and Netscape Communicator versions up to 4.7 are susceptible to a Denial of Service vulnerability. An attacker can exploit this issue by sending a specially crafted email message that contains a dot (.) at a newline. This formatting leads the mail client to incorrectly interpret the end of the message, preventing users from receiving new emails. This vulnerability not only disrupts service but can also render the mail client unusable until addressed. Users of these obsolete versions are strongly advised to upgrade to ensure their email communications remain secure.

References

http://www.securityfocus.com/archive/1/276946

mailing-listx_refsource_BUGTRAQ

http://online.securityfocus.com/archive/1/276628

mailing-listx_refsource_BUGTRAQ

http://www.mandrakesoft.com/security/advisories?name=MDKS...

vendor-advisoryx_refsource_MANDRAKE

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002