Back to search
CVE-2008-6961
Published: Aug 13, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
mailnews in Mozilla Thunderbird before 2.0.0.18 and SeaMonkey before 1.1.13, when JavaScript is enabled in mail, allows remote attackers to obtain sensitive information about the recipient, or comments in forwarded mail, via script that reads the (1) .documentURI or (2) .textContent DOM properties.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
32363
vdb-entry
x_refsource_BID
mozilla-domproperties-info-disclosure(46734)
vdb-entry
x_refsource_XF
https://bugzilla.mozilla.org/show_bug.cgi?id=458883
x_refsource_CONFIRM
http://www.mozilla.org/security/announce/2008/mfsa2008-59.html
x_refsource_CONFIRM
32715
third-party-advisory
x_refsource_SECUNIA
1021247
vdb-entry
x_refsource_SECTRACK
32714
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now