The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.
References
Configurations
History
21 Nov 2024, 00:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/19821 - | |
References | () http://secunia.com/advisories/19823 - | |
References | () http://secunia.com/advisories/19863 - | |
References | () http://secunia.com/advisories/19902 - | |
References | () http://secunia.com/advisories/19941 - | |
References | () http://secunia.com/advisories/19950 - | |
References | () http://secunia.com/advisories/20051 - | |
References | () http://secunia.com/advisories/22065 - | |
References | () http://securityreason.com/securityalert/514 - | |
References | () http://www.debian.org/security/2006/dsa-1046 - | |
References | () http://www.debian.org/security/2006/dsa-1051 - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml - | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2006:078 - | |
References | () http://www.mozilla.org/security/announce/2006/mfsa2006-26.html - | |
References | () http://www.novell.com/linux/security/advisories/2006_04_25.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2006-0330.html - | |
References | () http://www.securityfocus.com/archive/1/426347 - Exploit | |
References | () http://www.securityfocus.com/archive/1/446657/100/200/threaded - | |
References | () http://www.securityfocus.com/bid/16881 - | |
References | () http://www.securityfocus.com/bid/17516 - | |
References | () http://www.vupen.com/english/advisories/2006/1356 - | |
References | () http://www.vupen.com/english/advisories/2006/3749 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/24959 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975 - | |
References | () https://usn.ubuntu.com/276-1/ - |
Information
Published : 2006-03-07 11:02
Updated : 2024-11-21 00:07
NVD link : CVE-2006-1045
Mitre link : CVE-2006-1045
CVE.ORG link : CVE-2006-1045
JSON object : View
Products Affected
mozilla
- thunderbird
CWE