Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1045

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-1045
Last Modified 07 Mar 2011 09:31:49
Published 07 Mar 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1045

Summary

The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.

Vulnerable Systems

Application

  • Mozilla Thunderbird 1.5


References

VUPEN - ADV-2006-3749

VUPEN - ADV-2006-1356

BID - 16881

HP - SSRT061236

BUGTRAQ - 20060228 Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

SUSE - SUSE-SA:2006:004

XF - thunderbird-inline-information-disclosure(24959)

UBUNTU - USN-276-1

BID - 17516

REDHAT - RHSA-2006:0330

SUSE - SUSE-SA:2006:022

CONFIRM - http://www.mozilla.org/security/announce/2006/mfsa2006-26.html

MANDRIVA - MDKSA-2006:078

GENTOO - GLSA-200605-09

GENTOO - GLSA-200604-18

DEBIAN - DSA-1051

DEBIAN - DSA-1046

SREASON - 514

SECUNIA - 22065

SECUNIA - 20051

SECUNIA - 19950

SECUNIA - 19941

SECUNIA - 19902

SECUNIA - 19863

SECUNIA - 19823

SECUNIA - 19821

HP - HPSBUX02156


Last Updated: 27 May 2016 10:42:34