CVE-2006-1045
N/A
N/A
Summary
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.mozilla.org/security/announce/2006/mfsa2006-26.html
- http://www.redhat.com/support/errata/RHSA-2006-0330.html
- http://secunia.com/advisories/19902
- https://usn.ubuntu.com/276-1/
- http://secunia.com/advisories/19941
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975
- http://secunia.com/advisories/19821
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254
- http://secunia.com/advisories/19823
- http://www.debian.org/security/2006/dsa-1051
- http://www.vupen.com/english/advisories/2006/3749
- http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
- http://www.vupen.com/english/advisories/2006/1356
- http://www.securityfocus.com/archive/1/446657/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24959
- http://securityreason.com/securityalert/514
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
- http://secunia.com/advisories/20051
- http://secunia.com/advisories/19863
- http://www.securityfocus.com/bid/16881
- http://www.securityfocus.com/archive/1/446657/100/200/threaded
- http://www.securityfocus.com/bid/17516
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.securityfocus.com/archive/1/426347
- http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
- http://secunia.com/advisories/22065
- http://secunia.com/advisories/19950
- http://www.debian.org/security/2006/dsa-1046
References
- http://www.mozilla.org/security/announce/2006/mfsa2006-26.html
- http://www.redhat.com/support/errata/RHSA-2006-0330.html
- http://secunia.com/advisories/19902
- https://usn.ubuntu.com/276-1/
- http://secunia.com/advisories/19941
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1975
- http://secunia.com/advisories/19821
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10254
- http://secunia.com/advisories/19823
- http://www.debian.org/security/2006/dsa-1051
- http://www.vupen.com/english/advisories/2006/3749
- http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
- http://www.vupen.com/english/advisories/2006/1356
- http://www.securityfocus.com/archive/1/446657/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24959
- http://securityreason.com/securityalert/514
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
- http://secunia.com/advisories/20051
- http://secunia.com/advisories/19863
- http://www.securityfocus.com/bid/16881
- http://www.securityfocus.com/archive/1/446657/100/200/threaded
- http://www.securityfocus.com/bid/17516
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.securityfocus.com/archive/1/426347
- http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
- http://secunia.com/advisories/22065
- http://secunia.com/advisories/19950
- http://www.debian.org/security/2006/dsa-1046
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.