Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2006-0884HistoryFeb 24, 2006 - 10:02 p.m.
CVE-2006-0884
2006-02-2422:02:00
Debian Security Bug Tracker
security-tracker.debian.org
12
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.95
Percentile
99.3%
The WYSIWYG rendering engine (“rich mail” editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 1.5.dfsg+1.5.0.2-1 | firefox_1.5.dfsg+1.5.0.2-1_all.deb |
| Debian | 12 | all | thunderbird | < 1.5.0.2-1 | thunderbird_1.5.0.2-1_all.deb |
| Debian | 11 | all | thunderbird | < 1.5.0.2-1 | thunderbird_1.5.0.2-1_all.deb |
| Debian | 999 | all | thunderbird | < 1.5.0.2-1 | thunderbird_1.5.0.2-1_all.deb |
| Debian | 13 | all | thunderbird | < 1.5.0.2-1 | thunderbird_1.5.0.2-1_all.deb |
Related
openvas
openvas
FreeBSD Ports: thunderbird, mozilla-thunderbird
2008-09-04 00:00:00
FreeBSD Ports: thunderbird, mozilla-thunderbird
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200605-09 (mozilla-thunderbird)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2006-0884
2006-02-24 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:052)
2006-03-06 00:00:00
FreeBSD : thunderbird -- javascript execution (61349f77-c620-11da-b2fb-000e0c2e438a)
2006-05-13 00:00:00
SUSE-SA:2006:021: MozillaFirefox,mozilla
2006-04-26 00:00:00
cve
cve
CVE-2006-0884
2006-02-24 22:02:00
cvelist
cvelist
CVE-2006-0884
2006-02-24 22:00:00
prion
prion
Design/Logic Flaw
2006-02-24 22:02:00
checkpoint_advisories
checkpoint_advisories
mozilla
mozilla
JavaScript execution in mail when forwarding in-line — Mozilla
2006-04-21 00:00:00
freebsd
freebsd
thunderbird -- javascript execution
2006-02-22 00:00:00
exploitdb
exploitdb
Mozilla (Multiple Products) - iFrame JavaScript Execution
2006-02-22 00:00:00
nvd
nvd
CVE-2006-0884
2006-02-24 22:02:00
suse
suse
remote code execution in MozillaFirefox,mozilla
2006-04-20 13:13:08
remote code execution in MozillaThunderbird
2006-04-25 13:15:04
remote code execution in phpMyAdmin
2006-01-26 13:53:52
redhat
redhat
(RHSA-2006:0330) thunderbird security update
2006-04-21 00:00:00
(RHSA-2006:0329) mozilla security update
2006-04-18 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple vulnerabilities
2006-05-08 00:00:00
Mozilla Suite: Multiple vulnerabilities
2006-04-28 00:00:00
centos
centos
devhelp, mozilla security update
2006-04-18 17:41:36
galeon, mozilla security update
2006-04-18 23:53:59
thunderbird security update
2006-04-21 17:41:34
ubuntu
ubuntu
Thunderbird vulnerabilities
2006-05-03 00:00:00
debian
debian
osv
osv
mozilla-thunderbird - several vulnerabilities
2006-05-04 00:00:00
mozilla - several
2006-04-27 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.95
Percentile
99.3%
Related for DEBIANCVE:CVE-2006-0884