Secunia

icon customer login

Community Login

icon customer login

icon customer login

Secunia CSI 5.0

Products

Solutions

Customers

Partner

Resources

Company

Careers

Community

CVE Reference: CVE-2006-4570
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4570

Description: Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28962 UBUNTU http://www.ubuntu.com/usn/usn-352-1 http://www.ubuntu.com/usn/usn-361-1 http://www.ubuntu.com/usn/usn-350-1 SUSE http://www.novell.com/linux/security/advisories/2006_54_mozilla.html ST 1016866 1016867 SGI SAID Secunia Advisory: SA22391 Secunia Advisory: SA22342 Secunia Advisory: SA22299 Secunia Advisory: SA22274 Secunia Advisory: SA22247 Secunia Advisory: SA22088 Secunia Advisory: SA22074 Secunia Advisory: SA22055 Secunia Advisory: SA22036 Secunia Advisory: SA21940 Secunia Advisory: SA21939 Secunia Advisory: SA21916 Secunia Advisory: SA21915 Secunia Advisory: SA22056 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0676.html http://www.redhat.com/support/errata/RHSA-2006-0677.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10892 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:169 GENTOO http://security.gentoo.org/glsa/glsa-200610-04.xml http://security.gentoo.org/glsa/glsa-200610-01.xml DEBIAN http://www.debian.org/security/2006/dsa-1192 http://www.us.debian.org/security/2006/dsa-1191 CONFIRM http://www.mozilla.org/security/announce/2006/mfsa2006-63.html BID 20042

Return to the previous page.

Products

Solutions

Customers

Partner

Resources

Company

Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)

Industry
Compliance
Technology
Integration

Customers
Testimonials

VARS
MSSP
Technology Partners
References

Factsheets
Reports & Papers
Webinars
Events

About us
Careers
Memberships
Newsroom

© 2002-2012 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability