Nobody touches the second shelf but me.27 June 2009 21:50 It seems the IMAP client crash I accidentally discovered in Thunderbird/Icedove was already known. My report is a duplicate of a bug which was previously reported in 2007. Oops. ObFilm: The Lost Boys Tags: icedove, mozilla, security, thunderbird 2 comments
Comments on this entry
I've always disagreed with the Mozilla policy that an "instant crash" is a low security issue - After all If my mail/web client exits unexpectedly I'm annoyed regardless of the cause. It does look like this one is going to be fixed for the next release, but a two year old bug is a surprise. I guess anything that requires a bogus/broken/buggy IMAP server to trigger is going to be low priority - although DNS spoofing, or other redirection, could make it exploitable its not a realistic attack. |
Recent Posts
|
It really is impressive that it's 2 years old and not fixed, though. Still a good find. Maybe that'll convince someone to take care of it.