CVE-2006-4570 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-4570
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4570

Description: Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28962 UBUNTU http://www.ubuntu.com/usn/usn-352-1 http://www.ubuntu.com/usn/usn-361-1 http://www.ubuntu.com/usn/usn-350-1 SUSE http://www.novell.com/linux/security/advisories/2006_54_mozilla.html ST 1016866 1016867 SGI SAID Secunia Advisory: SA22342 Secunia Advisory: SA22299 Secunia Advisory: SA22274 Secunia Advisory: SA22247 Secunia Advisory: SA22088 Secunia Advisory: SA22074 Secunia Advisory: SA22055 Secunia Advisory: SA22036 Secunia Advisory: SA21939 Secunia Advisory: SA21940 Secunia Advisory: SA21915 Secunia Advisory: SA21916 Secunia Advisory: SA22391 Secunia Advisory: SA22056 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0677.html http://www.redhat.com/support/errata/RHSA-2006-0676.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:169 GENTOO http://security.gentoo.org/glsa/glsa-200610-04.xml http://security.gentoo.org/glsa/glsa-200610-01.xml DEBIAN http://www.debian.org/security/2006/dsa-1192 http://www.us.debian.org/security/2006/dsa-1191 CONFIRM http://www.mozilla.org/security/announce/2006/mfsa2006-63.html BID 20042

Return to the previous page.