QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-1045

Back to search

CVE-2006-1045

Published: Mar 7, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2006:0330
vendor-advisory
x_refsource_REDHAT
19902
third-party-advisory
x_refsource_SECUNIA
USN-276-1
vendor-advisory
x_refsource_UBUNTU
19941
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:1975
vdb-entry
signature
x_refsource_OVAL
19821
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10254
vdb-entry
signature
x_refsource_OVAL
19823
third-party-advisory
x_refsource_SECUNIA
DSA-1051
vendor-advisory
x_refsource_DEBIAN
ADV-2006-3749
vdb-entry
x_refsource_VUPEN
GLSA-200604-18
vendor-advisory
x_refsource_GENTOO
ADV-2006-1356
vdb-entry
x_refsource_VUPEN
SSRT061236
vendor-advisory
x_refsource_HP
514
third-party-advisory
x_refsource_SREASON
MDKSA-2006:078
vendor-advisory
x_refsource_MANDRIVA
20051
third-party-advisory
x_refsource_SECUNIA
19863
third-party-advisory
x_refsource_SECUNIA
16881
vdb-entry
x_refsource_BID
HPSBUX02156
vendor-advisory
x_refsource_HP
17516
vdb-entry
x_refsource_BID
SUSE-SA:2006:022
vendor-advisory
x_refsource_SUSE
GLSA-200605-09
vendor-advisory
x_refsource_GENTOO
22065
third-party-advisory
x_refsource_SECUNIA
19950
third-party-advisory
x_refsource_SECUNIA
DSA-1046
vendor-advisory
x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now