Closed Bug 205806 Opened 21 years ago Closed 21 years ago

Possibe virus vunerability (Junk Exploit-MIME.gen.exe)

Categories

(MailNews Core :: Filters, defect)

Product:
MailNews Core
Component:
Filters
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
VERIFIED INVALID

People

(Reporter: David_Charlap, Assigned: sspitzer)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4b) Gecko/20030430

After receiving my mail this morning, my virus scanner detected an infected file
and deleted it.  The log file contains:

5/15/2003    9:54  AM Deleted SYSTEM C:\Documents and
Settings\dcharlap\Application
Data\Mozilla\Profiles\default\j123klyn.slt\Mail\pop.mindspring.com\Junk
Exploit-MIME.gen.exe

I didn't create this file, and I'm pretty certain it's not a Mozilla file.  I
would guess that (from the name) some bug in Mozilla's junk mail filtering
allowed a rogue message to create this file, and it might've even been executed
if my virus scanner hadn't deleted it.

If I learn more information, I'll add it to this bug report.

Reproducible: Always

Steps to Reproduce:
Sorry.  I just re-read that log file.  I think I misread it.  It's not an
executable called "Junk Exploit-MIME.gen.exe", but a message within the Junk
folder containing the MIME.gen exploit that the virus scanner caught.
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → INVALID
v
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.