CVE: CVE-2006-1045

Descrizione: The HTML rendering engine in Mozilla Thunderbird 1.5, when “Block loading of remote images in mail messages” is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.

Vettore di attacco

Riferimenti esterni

• http://www.mozilla.org/security/announce/2006/mfsa2006-26.html
• http://www.redhat.com/support/errata/RHSA-2006-0330.html
• http://secunia.com/advisories/19902
• https://usn.ubuntu.com/276-1/
• http://secunia.com/advisories/19941
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975
• http://secunia.com/advisories/19821
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254
• http://secunia.com/advisories/19823
• http://www.debian.org/security/2006/dsa-1051
• http://www.vupen.com/english/advisories/2006/3749
• http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
• http://www.vupen.com/english/advisories/2006/1356
• http://www.securityfocus.com/archive/1/446657/100/200/threaded
• https://exchange.xforce.ibmcloud.com/vulnerabilities/24959
• http://securityreason.com/securityalert/514
• http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
• http://secunia.com/advisories/20051
• http://secunia.com/advisories/19863
• http://www.securityfocus.com/bid/16881
• http://www.securityfocus.com/archive/1/446657/100/200/threaded
• http://www.securityfocus.com/bid/17516
• http://www.novell.com/linux/security/advisories/2006_04_25.html
• http://www.securityfocus.com/archive/1/426347
• http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
• http://secunia.com/advisories/22065
• http://secunia.com/advisories/19950
• http://www.debian.org/security/2006/dsa-1046

Prodotti interessati

• n/a – n/a

Relazioni con altri prodotti

Nessun prodotto trovato per il CVE: cve-2006-1045