|
|
CVE Reference: CVE-2006-0236 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0236 |
|
|
Description: GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an inconsistent Content-Type header, which could be used to trick a user into downloading dangerous content by dragging or saving the attachment. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/24164 SAID Secunia Advisory: SA15907 MISC http://secunia.com/secunia_research/2005-22/advisory MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:021 CONFIRM BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/422148/100/0/threaded BID 16271 |
|
| Return to the previous page. |
